[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Temp at Level 3 data centers
- Subject: Temp at Level 3 data centers
- From: baldur.norddahl at gmail.com (Baldur Norddahl)
- Date: Thu, 12 Oct 2017 00:55:56 +0200
- In-reply-to: <CAPkb-7C_OKDKnxEodfeDFKvanZ+FjzHJWkUGYpNxBYgjJo4OBA@mail.gmail.com>
- References: <[email protected]> <[email protected]> <CAP-guGXbJw_Vy0mS9V0g3J9yVzHpq4T+pUXJb4fQ5yD=MsGBjQ@mail.gmail.com> <CAPkb-7CfSsyNgQqFoUVoQ86BM=jbfBNmKy29XK0xDfQohg-MUA@mail.gmail.com> <CAPkb-7C_OKDKnxEodfeDFKvanZ+FjzHJWkUGYpNxBYgjJo4OBA@mail.gmail.com>
Den 11. okt. 2017 22.47 skrev "William Herrin" <bill at herrin.us>:
On Wed, Oct 11, 2017 at 4:32 PM, Jörg Kost <jk at ip-clear.de> wrote:
> Do you guys still at least have biometric access control devices at your
> Level3 dc? They even removed this things at our site, because there is no
> budget for a successor for the failing unit. And to be consistent, they
> event want to remove all biometric access devices at least across Germany.
>
Hi Jörg,
IMO, biometric was a gimmick in the first place and a bad idea when
carefully considered. All authenticators can be compromised. Hence, all
authenticators must be replaceable following a compromise. If one of your
DCs' palm vein databases is lost, what's your plan for replacing that hand?
Basic two or three factor authentication: something that you know
(password), something that you are (biometric) and something that you have
(access card).
You can tell your password to a coworker but he can not borrow your hand.
Hence you need both. The password is the replaceable part.