AuditorForum site is in the process of implementing electronic physical access controls. The IT department has identified the following options:
- Password
- Access cards / tokens
- Bio-metric system
You are required to write a note giving brief comparison of the above with respect to ease of use and level of security.
Level of Security 1: Password
Password is an authentication control in which entry into any physical environment is based on something you know. Generally a keypad entry system is used for entering password which is verified by a suitable program to allow physical access to a facility.
Passwords are easy to use but need to be memorized. In comparison to other electronic controls it is weak as it can be guessed and/or stolen.
Level of Security 2: Access Cards/Tokens
This is an authentication control in which entry into any physical environment is based on something you have. Generally a swap card terminal or show card terminal is used for authenticating access cards and gaining physical access to a facility.
It is easier to use than password as one does need to memorize it. However, it has to be kept in custody at all times. It is a weak control as compared to a biometric control and can be compromised if stolen.
Level of Security 3: Bio-metric System
This is an authentication control in which entry into any physical environment is based on something you are. Generally finger print, hand and retina scanners are used for authenticating users and gaining physical access to a facility.
It is easier to use than other electronic controls as one does not need to memorize or to keep as an article all the time. It is strongest control than other electronic controls. Authentication by this control guarantees user’s identity as a user cannot share this control like a password or access card.
Share the Security system in your organization or provide feedback on auditorforum implementation. Do share this practical Question and answer with your Fellows.