RE: Biometric Access logs

["Murda Mcloud" <murdamcloud () bigpond com>]

Cameras? With timestamps.

> > -----Original Message-----
> > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> > On Behalf Of John
> > Sent: Monday, March 02, 2009 10:25 PM
> > To: 'security basics'
> > Subject: Biometric Access logs
> >
> > Hi All,
> >
> > Request you to give your views on the following issue.
> >
> > We have Biometric access controlled server room door for better security.
> > There is no doubt that Biometric proovides enhanced protection. But the
> > issue with this access control mechanism is that it is not possible to
> > review and analyze denied attempt logs since the logs only shows that
> > access was denied, but to whom and other details are obvisouly not shown
> > because only few users from IT department only have the access to the
> > server
> > room.
> > It is not like Swipe cards based Access control where all the employees
> > are
> > registered with the access control system.
> > In that it becomes easily possible to trace who tried to access what and
> > when.
> >
> > We faced issue in the audit because of this and auditor insisted that the
> > review and analysis of the logs for the Biometric controlled area needs
> > to
> > be done.
> >
> > What can be done in this scenario like this? Please give in your
> > comments.
> >
> > Thanks.