Advanced Imaging


Advanced Imaging Magazine

Updated: January 12th, 2011 09:49 AM CDT

Keeping Your Displays Secure

Video imaging system combined with active detection technology tracks authorized user and locks out others

By Lee J. Nelson
Contributing Editor

Imagine, for a moment, entering a local savings and loan and sitting down across a desk from the branch manager. To answer a question about your account, the bank officer logs on to his/her workstation. Then, a moment later, (s)he is summoned to assist a teller in another area. That seemingly innocuous action, however, constitutes a huge security breach and leaves the entire computer network at risk. It only takes seconds for an unscrupulous soul to commandeer the unattended terminal and gain access to a plethora of sensitive and confidential information.

A secure-compute environment obligates everyone to accept certain responsibilities. Once an individual is verified, (s)he is granted admission to a restricted set of data and programs, depending upon the predetermined privileges. Typically, the session continues until intentionally concluded. The framework’s weakest link is an unattended workstation. But, what is a user to do? Is it feasible to expect authorized employees to log off each and every time one leaves a screen...even if only momentarily? Furthermore, some applications are shared among computers. In those instances, the need to allow access—and when it should end—is all the more essential.

To provide guidance and help protect diverse, sensitive resources, various state, federal and international sectors have imposed regulations. Full compliance with those conventions mandates not only how to authenticate a verified user; but, the means to preclude illicit access by an improperly identified entity. Some also contain enforcement provisions, stipulate penalties and delineate procedures to investigate and prosecute violators.

In 1996, the Basel (Switzerland) Committee on Banking Supervision began developing a series of requirements for large, internationally active banks to ensure they retain sufficient capital to offset operational threats. All of an institution’s relevant IT resources must be analyzed for contribution to that liability. Consider the effect that exposure of confidential information might have on a particular investment’s value. If such revelation poses a hazard, it has to be factored into the equation. Mitigating peril by enhancing computer and network security can improve a bank’s bottom line: lowering the loss probability as well as decreasing the capital and insurance obligations (where coverage premiums aptly counterbalance risk).

Also in 1996, the U.S. Department of Health and Human Services launched HIPAA, the Health Insurance Portability and Accountability Act. Its major goal is to assure that individuals’ medical details are properly protected. HIPAA permits important uses of health-related information while ensuring patients’ confidentiality.

1 2 3 4 5 6 next

Subscribe to our RSS Feeds