Biometric login/logout

I am trying to find out if there is a way to setup biometrics with AD integration that will allow a user to swipe their finger, log on and launch a program, and when they swipe it again log off the PC.
LVL 1
rodneygrayAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SandeshdubeySenior Server EngineerCommented:
0
Rich RumbleSecurity SamuraiCommented:
Biometrics often cause more headaches than they solve, at least in recent years. I've used very expensive equipment and cheap cheap stuff, they are all about the same, hit or miss.
What is the problem you wish to solve, perhaps there is a more reliable way.
>If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.  ~Bruce Schneier
-rich
0
rodneygrayAuthor Commented:
A doctor does not wish to enter his password each time he enters a patient room and would rather a card or fingerprint to signin to the PC and open his program. Comes down to convenience.
0
IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

compdigit44Commented:
Enhanced logon like smart cards or biometric are not usually implemented for convenience but for a purpose.

Security, Compliance Issues, etc...

Coming from a medial I.T background I understand the different health regulations like HIPPA.

Before you implement and enhanced logon which is a global change, I would ask your doctors / security team the following.

1) Is there a security concern they have. Access to patient data, patience can see computer screens doctors are viewing...etc...

2) What other security measure do you have in place: Password policies, audit policies etc..

3) Are you using SSO?  Do you have custom application that many not work with the enhanced login process.
0
rodneygrayAuthor Commented:
The doctor is does not want to have to keep entering his password. He wants to be able to swipe his finger/card a second time to logout/lock the PC.
They dont have SSO implemented.

Notes:
Single doctor practice.
No full-time IT deparment.
Server 2008 domain
0
Rich RumbleSecurity SamuraiCommented:
You want proximity logins, and you still have HIPAA to take into consideration... because proximity doesn't mean the person with the card is who he/she is supposed to be. Without a password or pin to go along with the proximity card, there is no way to audit whether the person is who/she says they are.
Doesn't seem like there is a secure way to add convenience, the two are often at odds with each other (security/convenience).
-rich
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
compdigit44Commented:
Richrumble you make a very good point!!!
0
Rich RumbleSecurity SamuraiCommented:
Security is a bummer that way :) But it's what I do, and I'm always looking for new things to try, you should too!
-rich
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.