Security Basics mailing list archives

Re: Biometric Access logs

From: Thor Norse God of Thunder <norsegodofthunder () gmail com>
Date: Mon, 2 Mar 2009 13:35:59 -0700

We opted to include card swipe/pin combo first and then biometric if
the first auth was successful.  This took care of the auditors.

On 3/2/09, John <tornado579 () gmail com> wrote:

Hi All,

Request you to give your views on the following issue.

We have Biometric access controlled server room door for better security.
There is no doubt that Biometric proovides enhanced protection. But the
issue with this access control mechanism is that it is not possible to
review and analyze denied attempt logs since the logs only shows that
access was denied, but to whom and other details are obvisouly not shown
because only few users from IT department only have the access to the server
room.
It is not like Swipe cards based Access control where all the employees are
registered with the access control system.
In that it becomes easily possible to trace who tried to access what and
when.

We faced issue in the audit because of this and auditor insisted that the
review and analysis of the logs for the Biometric controlled area needs to
be done.

What can be done in this scenario like this? Please give in your comments.

Thanks.


-- 
Sent from my mobile device

Current thread:

Biometric Access logs John (Mar 02)
- Re: Biometric Access logs Shailesh Rangari (Mar 03)
- Re: Biometric Access logs Thor Norse God of Thunder (Mar 03)
- RE: Biometric Access logs Murda Mcloud (Mar 03)
- RE: Biometric Access logs Christian Campbell (Mar 03)
- Re: Biometric Access logs Kurt Buff (Mar 03)
- Re: Biometric Access logs Stephen Mullins (Mar 03)
- Re: Biometric Access logs Rogerio Carvalho (Mar 03)
- <Possible follow-ups>
- RE: Re: Biometric Access logs fac51 (Mar 05)