Securing Mobile and Cloud Computing

July 04, 2011  |   BSI Product Overview   |     |   Comments Off

As we become more mobile in our computing activities from banking, shopping, working and education, cyber crime is also increasing and costing individuals and businesses billions of dollars each year. According to the DOJ, in the past two years, it is estimated that over 11.7 million Americans were victims of identity theft.

Even the FBI reports that “identity theft has emerged as a dominant and pervasive financial crime that exposes individuals and businesses to significant losses and undermines the credibility and operation of the entire U.S. financial system.”

Enterprise Architecture for Authentication

BSI authenticates the WHO before granting access

One of the reasons this is happening is the security and management, rather lack of management, of passwords by only requiring a single layer to protect data which makes it very easy for cyber criminals to gain access to systems and devices. The White House has created a new program, National Strategy for Trusted Identities in Cyberspace (NSTIC), where they are working to create an Identity Ecosystem which will utilize trusted credentials to prove the identity of the person gaining access.

Creating a secure environment for protecting data from physical assets to cloud computing also creates a higher level of needing security-related statutory and regulatory requirements, standards and best practices. Over the past two decades, IT management has paid more attention to protecting the systems that store the data than identifying “who” is accessing them.

BSI offers a scalable solution for mobile and cloud computing vendors by authenticating the “who” is using credentials to log into the system or device as demonstrated in this illustration.

There are numerous laws and regulations that require a “stronger” password, i.e. Multi-factor Authentication(MFA):

  • DEA, DHS
  • Higher Education Act
  • FFIEC
  • HIPAA, SOX, GLBA
  • HSPD 12, M11-11, FICAM
  • Specter-Leahy Data Privacy & Security Act 2007
  • Online Child Protection Act
  • 44 State Privacy Laws
  • Age/verification/ for Social networks regulations
  • Payment Card Industry (PCI)
  • 21 CFR Part 1
  • Bill 198 Canada
  • ISO 7099 Best IT practices
  • Federal Information Security Management Act (FISMA) certification for cloud computing

Biometric Signature ID has met such standards and requirements for providing a multi-layer, credential that exceeds the national standard by a factor of three. Following the guidance standard found in the US Electronic Code of Federal Regulations 21 C.F.R. 1311.116 regarding two-factor identification, BSI meets the requirement:

“Any biometric that meets the criteria found in 21 C.F.R. 1311.116 may be used as the biometric factor in a two-factor authentication credential used to indicate that prescriptions are ready to be signed and sign controlled substance prescriptions. The use of biometrics as one factor in the two-factor authentication protocol is strictly voluntary, as is all electronic prescribing of controlled substances.”

Third party testing by The Tolly Group also reports that their “Testing demonstrated that BioSig-ID accuracy rates meet or exceed key industry standards for authentication such as US electronic code of federal regulations 21 C.F.R. 1311.116.”

BSI Exceeds Government MFA Requirements
BSI Exceeds Government MFA Requirements

Want to find out more about BSI solutions for your organization? You can test drive BioSig-ID™ today by clicking here or contact us today for a live demo by clicking here.

Comments are closed.

Industry Use Cases

Latest News

  • Jeff Maynard CEO of Biometric Signature ID Participates at IDESG Conference for Online Privacy
    05/10/2013

    Jeff Maynard CEO of Biometric Signature ID Participates at IDESG Conference for Online Privacy  Dallas May 10, 2013. Biometric Signature ID (BSI) CEO Jeff Maynard attended the Identity Ecosystem Steering Committee Group (IDESG) meeting this week to take part in discussions about online privacy and its continuous importance in cyberspace.  The meeting held in Santa [...]

  • NSTIC-led ID plan earmarks $4 million to secure state government services
    04/03/2013

    The two-year-old initiative to create an identity layer for the internet is backing a set of projects aimed at creating identity-based security to support state and local government services online. Read More

  • Gesture Recognition & Touch-less Sensing Market Worth $12.21 Billion by 2018
    04/03/2013

    According to a new market research report Gesture Recognition & Touchless Sensing Market (2013 – 2018): By Technology (RFID, IR, Capacitive); Product (Biometric, Gaming, Smartphone); Application (Healthcare, Consumer Electronics, Automotive); Geography (Americas, EMEA, & APAC), the total touchless sensing and gesture recognition market is expected to reach $15.02 billion by 2018 growing at a CAGR of 34.94% from 2013 to 2018. [...]

  • Two-Step Verification Will End Consensual Impersonation
    04/03/2013

    A couple of months back, I advocated killing your password policies and applying some other techniques instead to make existing use of passwords more effective (including my hobby horse: take the user-experience sting out of rotating ordinary static passwords by pushing them out to users on an alternate channel, à la activation codes and other [...]

  • Click and Go Vote: PA politician proposes online registration
    04/03/2013

    HARRISBURG — It’s possible in these days of instant connectivity to monitor nearly every financial, physical and social transaction using the Internet – from banking to travel, and from dieting to dinner reservations. Read More