Security Basics mailing list archives

Re: Biometric Access logs


From: Rogerio Carvalho <listas.seguranca () gmail com>
Date: Tue, 03 Mar 2009 12:10:32 -0300


The software who makes the logs can register some informations about who
tries to get in the server room?

I don't know if it's possible, but according IT department size you
could should consider do all employees of the department register his
fingerprint, doing this, everytime that some unauthorized person tries
to get in server room his fingerprint can be logged.

PS: sorry about my bad english.

Regards
Rogerio Carvalho


John escreveu:
Hi All,

Request you to give your views on the following issue. 

We have Biometric access controlled server room door for better security.
There is no doubt that Biometric proovides enhanced protection. But the
issue with this access control mechanism is that it is not possible to
review and analyze denied attempt logs since the logs only shows that
access was denied, but to whom and other details are obvisouly not shown
because only few users from IT department only have the access to the server
room. 
It is not like Swipe cards based Access control where all the employees are
registered with the access control system. 
In that it becomes easily possible to trace who tried to access what and
when. 

We faced issue in the audit because of this and auditor insisted that the
review and analysis of the logs for the Biometric controlled area needs to
be done. 

What can be done in this scenario like this? Please give in your comments. 

Thanks. 

  


Current thread: