RSS Alerts

Related Links

Related Stories

  • What level of authentication is needed?
    Usability and context are often more important than the absolute effectiveness of authentication. It's why the simple password refuses to die, reports William Knight.
  • XP single sign-on applications fail on Windows 7
    Windows XP single sign-on applications will fail on Windows 7, businesses were warned today.
  • Technical Theatre Agenda
    Covering Information Security issues and technical advances.
  • Twitter accounts being hacked by cybecriminals looking for value
    Internet user accounts and passwords – known as credentials in security circles – are rising in value and, say some reports, the credentials on Twitter, the social networking portal, can be worth up to $1000.
  • Comment: The smart way to safer hospitals
    Over the past few years, the healthcare sector has become increasingly dependent on information technology. Contactless smart card technology has been used many years in other industries, and is now helping to solve some longstanding thorny issues in the healthcare sector: safeguarding patients and staff and protecting confidential patient information.

News

ISSE 2009: Smart cards can result in 644% return on investment

08 October 2009

Smart cards can result in a 644% return on investment in an enterprise with 2000 employees, Philip Hoyer, senior architect at UK-based ActivIdentity, said at ISSE 2009 in The Hague.

Smart cards – mainly used for access, remote access, sign on and physical access – allow quicker authentication, people are happy to use them, and they can host many different applications, Hoyer argued.

Among the benefits of using smart cards, Hoyer listed:

  • A reduction password related queries to helpdesks, which typically cost US$20-50 per call, as they bring down the amount of passwords needed
  • In the USA, they use a lot more insurances, and strong security lowers the insurance premium
  • Smart cards are slightly less expensive than other two-factor authentication such as security tokens
  • Smart cards allow control over who has access to what and when
  • Smart cards are quick to install, although it can take time to manage the rest of the credentials.

Hoyer also told the ISSE 2009 audience that the use of smart card can save over 2000 man-hours a year, and quicker entry access can save a 2000-strong company US$470 000 a year.

Tokens have to be replaced after three years, smart cards last longer and require no batteries. Furthermore, more and more computers now come with smart card readers, which further reduces implementation costs.

However, there are also some pitfalls to be aware of when deploying smart cards, Hoyer warned:

  • Not having a clear business case for smart cards to start with
  • Not educating the end user of smart cards on why and what is happening
  • Going for the ‘big bang’ approach of implementing it all at once
  • Not involving the infrastructure team early enough in the smart cards planning and development
  • Choosing the wrong smart card technology – it evolves very fast
  • The misconception that smart card middleware is not needed
  • Not involving enough senior stakeholders in the planning of smart card deployment
  • Technical resources making business requirements decisions.

To avoid these pitfalls, Hoyer suggested some ‘best practices’ for deploying smart cards:

  • Not be too technology centric
  • Look at it from a business perspective: what can smart cards do for you?
  • Get executive support
  • Keep business line owners involved
  • Educate the smart card users
  • Fine tune what you have
  • Learn from other people’s mistakes...

 

This article is featured in:
Identity and Access Management

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water