As 2014 is well underway, there are a handful of core trends that I believe will have the greatest impact on the secure identity industry this year. These trends include:
The industry is quickly moving beyond static, proprietary access control architectures to more secure, open and adaptable solutions that support the customers’ desire for new products and technologies that enable their business.
As the security landscape continues to evolve in new and complex ways, progressive organizations and thought leaders are adopting a new attitude about change. Proactively making changes today will ensure that an organization’s access control solution can adapt to future threats and take advantage of opportunities and applications beyond access control. Future high-value applications might range from cashless vending, time and attendance, and secure print management to secure network logon as part of a fully interoperable, multi-layered security solution across company systems and facilities. By using solutions that are based on industry standards such as OSDP bidirectional communications, and incorporating dynamic rather than static technologies, security becomes independent of hardware and media, and the infrastructure can more easily evolve beyond current abilities with the adaptability to combat continuously changing threats.
Integrating physical access control with IT security will bring new benefits while changing how organizations operate.
Historically, physical and logical access control functions were mutually exclusive within an organization, and each was managed by different groups. Now, however, the lines between these groups are beginning to blur. Organizations want to provision physical access control system (PACS) and IT identities on a single card (or smartphone) that can be used to open doors and log on to computers, and for other applications. This will create a seamless user experience when securing doors, data and the cloud, and improve how organizations create, use and manage identities across many different applications on both smart cards and smartphones. Users will also soon be able to carry many types of access control credentials as well as one time password (OTP) tokens on a single microprocessor-based smart card or smartphone.
Strong authentication will continue to grow in importance in the face of a rapidly changing IT security threat environment – and will also move to the door.
The industry is moving beyond simple passwords to additional authentication factors including something the user has (such as a mobile or web token) and something the user is (via biometrics or behavior-metrics). While the industry is replacing hardware OTPs with software tokens that can be held on such user devices as mobile phones, tablets and browser-based tokens, there are security vulnerabilities with this approach. A far more secure strong authentication alternative is multi-application credentials that can be carried on smart cards or smartphones. Users will simply take the same card (or phone) they use for building access and tap it to a personal tablet or laptop for authenticating to a VPN, wireless network, corporate intranet, cloud- and web-based applications, single-sign-on (SSO) clients and other IT resources. We will also see increasing adoption of other authentication factors including biometrics as well as gesture technology.
Strong authentication will increasingly be implemented using a multi-layered strategy.
Today’s strong authentication solutions increasingly will be used to secure everything from the door, to data, to the cloud. They will deliver multifactor authentication capabilities for the most effective threat protection, as part of a multi-layered security strategy. In addition to multi-factor user authentication as the first layer of security, both inside the firewall and in the cloud, there are four other layers to implement, including authenticating the device, the channel, the transaction and the application. Effectively implementing these five security layers requires an integrated and versatile authentication platform with real-time threat detection capabilities. Used in online banking and ecommerce for some time, threat detection technology is expected to cross over into the corporate sector as a way to provide an additional layer of security for remote access use cases such as VPNs or Virtual Desktops, and in the healthcare space, for online records access.
Mobile access control will continue to roll out in stages.
During 2014, we expect to see the first phases of mobile access deployments in which smartphones will function similar to that of a card transaction today, with limitations due to technology and business ecosystems. In subsequent phases the phone’s on-board computing power and multimedia capabilities will be leveraged overcome limitations and provide a more functional and rich user transaction and experience. Looking forward further, the connectivity of smartphones will be used to perform most tasks that today are jointly executed by card readers and servers or panels in traditional access control systems. This includes verifying identity with rules such as whether the access request is within a permitted time and, using the phone’s GPS capability, whether the person is actually in the vicinity of the door. The user can then be validated using a cloud application and granted access via a trusted message over secure communication to the door.
I’m pleased to say that yesterday HID Global announced the opening of our new World Headquarters and North American Operations Center in Austin, Texas with an audience of dignitaries that included Chairman Michael T. McCaul (Texas) of the House Homeland Security Committee, State Representative Larry Gonzales, County Commissioner Ron Davis, representatives of Texas Governor Rick Perry’s office, as well as representatives from the offices of Congressmen Flores and the City of Austin.
Our new $35-million 250,000 square foot facility is HID Global’s largest in the world and will include consolidation of our corporate functions, manufacturing, assembly and test operations, distribution and sales operations. It was built on 22 acres in North Austin’s Tech Ridge area and is expected to create 300 new jobs by 2015. We have initiated our first phase of operations at the state-of-the-art facility ahead of schedule and expect it to be fully operational by Q3 2015, which includes the consolidation of four other facilities previously located in Mountain View, CA, Irvine, CA, Eden Prairie, MN and North Haven, CT.
In his welcoming remarks, HID Global President and CEO Denis Hebert described some of the reasons why the State of Texas had been selected for the facility and touched on the many border security and homeland security issues that we deal with as the producer of U.S. Green Cards and leading provider of secure identity products. Denis’ remarks stated in part:
“This state-of -the art facility epitomizes the ability of the private sector to produce secure identity credentials and produce security products that help insure the security of our nation, in addition to providing hundreds of new, well-paying jobs that will stimulate the local and national economy.”
“HID Global is committed to partnering with U.S. agencies to ensure that the identity credentials that permit entry into the U.S. at our land and sea borders are the most secure and counterfeit-resistant in the world.”
“As Texas is a border state, we understand the need for government policies to address border security. We are happy to share our expertise in this area with members of Congress and the State of Texas Legislature. We’ve been working on these issues with Chairman McCaul of the House Homeland Security Committee, which he heads, and we look forward to continuing this relationship and supporting Chairman McCall’s goals in border security and homeland security.”
In his welcoming remarks, Chairman McCaul stated, “HID Global, a private sector company, now provides 70% of the identification for all federal agencies and also provides the identification cards for the U.S. Green card and so many other instances where their technology can be utilized.”
“HID Global is at the forefront of homeland security issues, they will be extremely helpful in our efforts at the national level to better secure the United States. I am honored to cut ribbon at HID Global's headquarters in Austin this morning. Their work is vital to national security.”
“HID Global’s decision to move their worldwide headquarters to Texas is proof positive that our focus on low taxes, smart regulations, fair courts and a skilled workforce helps create jobs and strengthen our economy,” Texas Gov. Rick Perry said. “I’m pleased HID Global has chosen to call Texas home, and look forward to their continued success in the Lone Star State.”
The opening of our new facility is an exciting development for the company, and I am glad to be part of the HID Global team during these times.
Check out photos of the event and our new World Headquarters and North American Operations Center. We are hiring for many positions in Austin, if interested please visit our careers page.