This is the next interview in the continuing series of Computing Canada’s (CC) Blogged Down (BD) which is featured here “first” in the Canadian IT Managers (CIM) forum. We began this blog series on September 15th, 2006. I continue my talk with Gordon Ross, Internet Filtering Pioneer, Biometrics / Security / Telecommunications / Ethics / Privacy Expert, Founder of Net Nanny; President of Virtual Perceptions Systems Inc.
Stephen: What are the challenges to business concerning privacy? Where do you see this heading?
Gordon: The main challenge is protecting the individual personal information they collect on customers, and the company’s intellectual property. It is also important to make sure that only “authorized” personnel have access to sensitive information.
There are two principles I have always tried to adhere to in business. One is the KISS principle which most of us understand. The other is one I coined when running a software security company. It is called the KYMS principle (pronounced “kims”). Keep Your Mouth Shut. This is probably the hardest one to learn, as we all like to talk. In business all of your corporate and personal information should be treated as private unless it has been authorized for public dissemination. Well-written policies and procedures should address many of the challenges a business may have in these areas. Businesses should review these policies on a regular basis to ensure they are still valid and that they are enforced.
Stephen: You are an expert in Biometric security. What is the current state of this topic and what are the challenges, opportunities, and solutions for businesses in the future?
Gordon: This is a very interesting field and I have now been involved in it for over 18 years. It is still not there for the average consumer. After the events of 9/11 there was a huge push for this technology, but a lot of it then was not really ready for “prime time”. By that I mean most of it could be used in an area whose environment is tightly controlled, but not in an open public area. Open public areas such as ATM’s, public parks, or core city areas are currently not the appropriate environments for this technology.
Unfortunately in the 2001 to 2003 time frames there were a few systems and incidents that hurt the real players in the industry. This has made the acceptance of biometrics by the mainstream very slow. A city in Florida ran a facial recognition system for a considerable amount of time and failed to identify a single person they were looking for. These types of systems are not inexpensive. They require very good cameras and lighting. Personally, I think combining biometrics that really work will be the ultimate solution. There has been a lot of research and development in this area and this will continue. Ultimately, in the future, there will be one form or another of this type of technology used by the mainstream.
Around 2003, I presented to the local CIPS chapter in Vancouver about the issues regarding various biometric systems - especially fingerprint systems and how Professor Dr. Tsutomu Matsumoto of Yokohama University showed how 10 various fingerprinting systems could be spoofed 80% of the time. As late as January 2006, students at Washington and Jefferson College conducted tests on spoofing fingerprints and they created some interesting video. A write up of this can be found at: http://www.washjeff.edu/users/ahollandminkley/Biometric/index.html
Biometric solutions use good technologies but many of them have to be used in a controlled environment to reach their published FAR (False Acceptance Ratio) and FRR (False Rejection Ratio) figures. I am a strong proponent of this technology, when properly used.
________________________In the next blog, Gordon will discuss Internet Filtering, his pioneering work in Internet child safety and the gaps in this area.
For the latest online business technology news go to: www.itbusiness.ca________________________Thank you,Stephen Ibaraki, FCIPS, I.S.P.