4. COST OF A DATA BREACH
Can You Afford $6.65 Million?
Companies that are reluctant to invest what it takes on data security better be prepared to pony
up a lot more if their systems are ever breached.
In 2008 the average total cost of a data breach was $6.65 million,
up from $6.35 million last year and $4.54 in 2005.
In 2008, the per-victim cost of a data breach was $202, up from
$197 in 2007, and from $138 when the study was launched in 2005.
Breaches that were the result of a lost of stolen laptop computer
bore a per-victim cost of $249.
Ponemon Institute
February 2009
5. A 2007 FBI report
◦ Foreign countries are training their
intelligence officers in how to hack
into US computers
Compuware Study Oct 2008
◦ 75% of data breaches in the US
are done by people inside the
organization.
Camouflage Software Inc.
◦ 70% of data breaches are internal
◦ Average cost to an organization
per breach is $4.7M
6. The Inflexis Identity Management System
TRUSTED Peripherals Inflexis MobileID™
Inflexis MobileID™
Multi-Functional
• Key to Your Computer
•2G & 8G Encrypted Data Storage
Inflexis DesktopID™
• Biometric Secure Log On
Inflexis Server Software
Inflexis DesktopID™ • Multiple Data Storage Partitions
• Protects your Network / Data
• Built-In Microprocessor
• Coordinates with Active Directory • Biometric Secure Log On
• Runs on Any Windows PC
• Biometric User Enrollments • USB Plug and Play Without SW Installation
• Central Mngt for Device Positioning • Display Screen
• Secure Embedded Processor
• Installation & Configuration Tools • Rechargeable Lithium Battery
• Encrypted Transfers of All Data
• Key Management • Functions Not Connected to PC
• Auditing & Activity Log Support • High-Speed USB 2.0 Cable • Can Operate as an OTP Token
• Flexible to Suit your Needs Even When Disconnected from
• Works with Current Systems the USB Port
Best in Class Identity Management
7. INFLEXIS SOFTWARE SYSTEM ARCHITECTURE
3rd Party Applications IDWare Applications
• Win Logon • Secure provisioning
• SSO • Win Logon
• FVE • MS File/Folder
• Secure Email Encrypt / Decrypt
support iDWare Server
• Citrix Log on MMC Plug In
• RSA / OTP • Other?
• SC Like Apps. Active
• Other? Directory
Server
iDWare API OS
iDware Client Services
Trusted
Peripheral Client OS
USB Stack
Encrypted USB Channel
Best in Class Identity Management
8. TRUSTED PERIPHERAL
ARCHITECTURE
Secure Flash
Volume
TRUST FEATURES
Public Flash
Volume
Data Store
NAND
RAM Hardware is Not “Hackable”
Flash
Code
◦ No Downloadable Debugging Tools
◦ PCB Design Prevents Access to Connections
Secure
Encryption Keys and Key Pairs that
Processor Guarantee:
Boot
Loader ◦ Trusted Peripheral Code has Not been Hacked
◦ Trusted Peripheral Only Works with Trusted
idWARE SW components.
◦ Only the Domain Administrator can Write
Encrypted Templates and Logon Credentials to the Data
USB Channel Store
◦ Encrypts the Data Store
◦ Encrypts all the Secure Flash Volumes
◦ Session Key Encrypts the USB channel
Best in Class Identity Management
9. VALUE FOR YOUR “ENTERPRISE”
Users
◦ Easy to Use – Just Swipe Your Finger
Especially for Repeated Identity Requests
◦ Protect Users – Give Credits - Prevents Blame
◦ Just Plain – CONVENIENT
IT Managers
◦ Out of the Box Compatible with Active Directory
◦ Centralized Management
◦ Secure Over the Network Provisioning
◦ Reduced Password Management Costs
CSO’s, CIO’s & CEO’s
◦ Ease of use Leads to Acceptance
◦ Ease of Use Allows Greatly Enhanced Identity Management
Information, Applications, Transactions
◦ Enhanced Identity Management = Enhanced Security / Compliance
Deter Fraud – People Understand that Fingerprints Represent Them
Make Audit Data Irrefutable
◦ Ease of Use = No Impact on Workflow (aka productivity)
Best in Class Identity Management
10. BENEFITS FOR THE ENTERPRISE
Biometric Identification
Secure Windows Logon. Eliminates management cost and
production downtime associated with forgotten passwords.
Enhanced Security
Achieved through strong authentication and data encryption
coupled with the need for an actual
user to be present for logon
Snoop Proof
Provides an on-board authentication processor and fingerprint
sensor to manage the identification process and fully encrypt
all communication to and from the device
Adaptable
Interfaces with Windows Active Directory and can add
biometric security management to your existing network
authentication system
Encryption of Local Files, Folders, Volumes
Using Windows Services on a Client PC
Using Inflexis Secure processor for Encryption on the
MobileID.
Best in Class Identity Management
11. MANAGEMENT BENEFITS
FOR THE ENTERPRISE
Audit Trail
All specified transactions are logged
so that access to confidential data can
be tracked for compliance
Easy to Install and Maintain
Out of the box functionality; centrally enroll and deploy
Administrative Software
Server-hosted, advanced security
software provides management control and
simplifies deployment and administration
Advanced Compliance
System components meet requirements access
Cost Effective
An affordable solution with additional cost
savings from reduced password management
Best in Class Identity Management
14. System Benefits:
Access Management Site and Building Security
Eliminates Fraudulent Access to Facilities and/or Rooms
Protects the Identity of your Visitor’s / Employee’s
Confidential Information
Simply Place Finger on Scanner to be Identified
Displays Picture and Profile Information of Individual
Administrative Benefits:
Provides Complete Administrative Control
Centralized Authentication Data
Simple User Interface
Immediate Authorization to as Many Locations / Access Points
Individuals are Approved to Enter
Flag Individuals Not Authorized Access
Print Detailed Attendance Reports: Daily, Weekly, Monthly
Instant Site Inventory Report in Case of Emergency
Review and Print Onsite Count
Recognize Unauthorized Attempts for Access
Affordable!
15. MARKET OVERVIEW
Whether you are a facility managing employees, authorized personnel, members, customers,
patients, visitors, students, inmates, etc, you need a way to better monitor and have a secure ID for
identifying individuals, such as:
Military Bases – Authenticating visitors at security Banking – Customer identification regarding
checkpoints accounts and safety deposit box access
Public Safety Agencies – Monitoring property and evidence Check Cashing Providers – Prevent identity
rooms, as well as crime scenes fraud with requiring authentication to cash
check
Port and Maritime Authorities – Identification of crew
members and dock personnel, in addition to controlling Pre-School/Daycares – Match approved
access to restricted areas parents/adults to a specific child / children
checking in and out of the building
Jail Facilities – Track visitors entering jail, properly identify
inmates for entrance and release, and probation Schools – Identify students, faculty, or
attendance volunteers in the front office or at various
locations throughout campus
Medical Facilities – Patient identification and medical /
pharmaceutical supply room inventory tracking Member-Based Establishments – Retrieve
member profile information quickly and easily
17. The solution is ideal for employee or visitor time
tracking, offering the following benefits:
• Easily integrates into any time and attendance or
accounting software
• Import/Export data capability from SQL compliant backend
• Replace costly time cards or punch-clocks
• Provide a seamless, front-end biometric time clock interface
• Prevent “buddy punching” and identity fraud
• Protect confidential employee information
• Eliminate human error in time and attendance calculations
• Optimize staff or personnel efficiency
• Improve attendance reporting accuracy
• Centralize attendance data from disparate locations
18. Intuitive User Administration
Administrators can manage all enrolled user
information from a central console.
Authentication requests are tracked in real-time
and data is easily maintained through an
intuitive interface.
Configurable Data Management
When adding a new person into the system,
administrators input general contact
information, capture a digital photograph, and
enroll the person’s fingerprints. Two
fingerprints are stored for each person so there
is always a backup. In the web-based version,
all data fields are customizable to meet the
unique requirements of any business.
19. Robust Fingerprint Matching Engine
An enrolled person can be instantly identified with a
single fingerprint scan from any PC using one of our
fingerprint readers and the Bio-Tracker™ software.
Once authenticated, the person’s picture and
information is displayed. Since Bio-Tracker™ is
powered by our robust Bio-Plugin™ fingerprint
software, profile information can be retrieved at
20,000 persons/second in a single CPU machine.
Real-Time, Comprehensive Reporting
Multiple reporting features are available through the
administrative console. Authentication activity can be
monitored in real-time and custom reports can be
generated to retrieve a breakdown of activity over a
designated time frame in a printer-friendly format. All
time and attendance data can be easily exported for
use in any back-end payroll or accounting system.
21. Bio-Plugin ™ APPSERVER / WEBSERVER
High-performance, enterprise-ready biometric system integration,
without a low-level SDK, in less than 24 hours
Bio-Plugin™ AppServer and Webserver are completely developed,
client/server fingerprint recognition systems that rapidly integrate into
Windows and web based applications with minimal development effort.
Bio-Plugin™ enables software engineers who are interested in adding a
robust fingerprint software system to their application(s) to avoid the
headache and hassle associated with low level fingerprint SDK integration.
Instead of having to invest precious resources into learning the complexities
of fingerprint software, and into developing a robust fingerprint biometrics
system using a fingerprint SDK, engineers can rapidly integrate Bio-Plugin™
in just a few hours, and are immediately provided a fully scalable system
that also works in Citrix and Terminal Services.
22. Bio-Plugin ™ APPSERVER / WEBSERVER
Bio-Plugin Appserver: To Replace Fingerprint SDK Integration into Windows based
Supports a wide variety of development
environments such as:
> C/C++
> Delphi
> Foxpro > VB
> Clarion
> PowerBuilder
Bio-Plugin Webserver: To Replace Fingerprint SDK Integration into Web based Software
Integrate through web services interface
for maximum convenience, control, and
security. Works with IIS, Apache,
WebSphere, Oracle, and WebLogic.
23. Bio-Plugin ™ APPSERVER / WEBSERVER
BIOPLUGIN SYSTEM BENEFITS
Integrate a complete fingerprint biometrics system in a few hours
No system dependencies between host and fingerprint software (you do not have to
compile your software)
Avoid burdensome internal development and ongoing support requirements
Remain focused on core competencies
Includes fingerprint verification (1:1) and robust identification (1:N) software
Compatible with WAN, LAN, Citrix, and MS Terminal Services environments
Supports any SQL compliant database, including MS SQL Server, Access, MySQL, Oracle
9i, DB2, Informix
Scalable, multi-threaded server to optimize performance for large implementations
user:
m2sys_demo
http://www.m2sys.com/arch.htm
pass:
dem0m2
25. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
Effortless Fingerprint Software Integration
Without the SDK
Eliminate Passwords, Barcodes, and PINs, with NO DEVELOPMENT
REQUIRED
Interface a robust fingerprint identification system with any existing
software for added security and convenience.
Bio-SnapON™ is a complete fingerprint biometrics software system that
can be instantly added (“snapped-on”) to any third party or internally
developed software package, without any development work.
26. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
Bio-SnapON™ is extremely easy to install and deploy.
The software allows you to enroll users and store their
fingerprint data template (NOT the actual fingerprint
image), which can then be used for authentication.
If you are currently using barcode, magstripe, or
keypad devices to identify users, Bio-SnapON™ can
immediately replace this with fingerprint
identification.
27. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
BIOSNAPON PROCESS
Step 1: Fingerprint Enrollment
Users first need to register their fingerprint templates and associate them to an ID number. This information
is stored in a central database so that any networked PC can access it for authentication.
The ID number is fed to
Bio-SnapON
automatically
Students/Employees/Members/Cus
tomers swipe/scan their ID card or Users scan the same fingerprint 3
input their PIN. Their ID number is times consecutively in Bio-SnapON.
received by the Bio-SnapON utility. The user’s unique ID number is
stored with the fingerprint
template in a central database.
28. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
BIOSNAPON PROCESS
Step 2: User Identification
Once a user is enrolled in the system, he/she can be identified with a single fingerprint scan from any
PC that has a fingerprint reader and is networked to the central fingerprint engine.
The fingerprint data is
sent over the network to
the Bio-SnapON engine
Students/Employees/Members/C
ustomers scan their fingerprint on
the reader to be identified. The Bio-SnapON engine
compares the scanned print
against all stored prints.
When a match is found, the associated ID
number is sent to the host software (such as
POS), which displays the user’s information.
29. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
BIOSNAPON SYSTEM BENEFITS
More secure and efficient than ID cards or PINs
No software development is required
Increase profitability by eliminating "buddy punching"
Eliminate problems caused by lost or stolen cards
Protect confidential user information
Secure manager approvals or transaction overrides
Integrate a complete fingerprint biometrics
system in a few hours.
No system dependencies between host and fingerprint
software (you do not have to compile your software)
30. Bio-SnapON™ BIOMETRIC IDENTIFICATION SYSTEM
BIOSNAPON SYSTEM BENEFITS
Avoid burdensome internal development and ongoing
support requirements
Remain focused on core competencies
Includes fingerprint verification (1:1) and robust
identification (1:N) software
Compatible with WAN, LAN, Citrix, and MS Terminal
Services environments
Supports any SQL compliant database, including MS SQL
Server, Access, MySQL, Oracle 9i, DB2, Informix
Scalable, multi-threaded server to optimize performance
for large implementations
No one can forget their fingerprint!
http://www.m2sys.com/BioSnapOn-Demonstration/Contents/BioSnap-Serial-Nav.htm
31. PHYSICAL SITE SECURITY
Card Access Systems
Biometric Access Systems
Multi-Technology Access Systems
Central Station Monitoring
Traditional & IP Fixed Cameras
Perimeter Detection Systems
Digital Video Cameras
Fire Alarm Systems
Pan-Tilt Zoom Cameras
Fire System Inspections
Burglar Alarm Systems
Stand Alone Intercom Systems
Video Intercom Systems
Emergency Phone Systems
32. RISK CONTROL STRATEGIES
Consulting and Investigations Team Specializing in Risk Assessments and
Security Solutions:
Security Architecture Practice
Cyber Security Practice
Corporate Communications
Investigations
Intelligence & Security
Polygraph Practice
DATA SECURITIES
INTEGRATION TEAM
33. DATA SECURITIES IS YOUR COMPLETE
BIOMETRIC SECURITY SOLUTIONS PROVIDER
Georgia Hill
Vice President of Sales
georgia@datasecurities.org
407-376-4808