Simple is Smart
- By Ralph C. Jensen
- Feb 29, 2012
Security takes on a new perspective when looking at the IT side of the aisle. After my first day through the RSA Conference in San Francisco, I have to say Cherry’s FIPS 201 compliant keyboard makes simple look pretty smart.
The keyboard is where the authentication takes place, rather than, as Craig Kaliebe, the company’s marketing manager put it, “risking the PC to attack.” The authentication card simply slides in the designated spot on the keyboard, and voilà, authentication begins.
Cherry is part of ZF Electronics Corp., based in Pleasant Prairie, Wis.
Secure-pin entry is the safe transmission of the PIN of a chip card, or a smart card, from the user to the card without the data reaching the computer. The security pin is so important that it gives the user the right to read or write, and verify that you are the owner of the card. With the verification process taking place on the keyboard, the PIN will not be transferred to the PC, instead transmitted within the keyboard directly to the smart card.
So it is not possible to spy the PIN from the data line of the keyboard wire or with a keylogger on the PC.
I also enjoyed a briefing from DataLocker officials who showed off their secure, writeable DVD and compact disc. It combines AES 256-bit encryption and disc burning functionality, all self-contained on a recordable CD or DVD. It has its own built-in software for disc burning and government strength FIPS 140-2 AES 256-bit encryption.
The best part is that there is no software to install and no need for third-party applications. It gives users a simple, secure method to transport, share and archive sensitive data and records.
There is a lot of talk about clouds this year at RSA in San Francisco. I’m going cloud hunting tomorrow and hope to let you know what I find.
Ralph C. Jensen is editor-in-chief of Security Today magazine.