ALBANY, N.Y. – Securing the enterprise also means locking down the laptops at Capital Communications Federal Credit Union. The $372 million CU now has portable computers used by staffers in the office and beyond secured by SecuriKey, a two-factor authentication solution from Griffin Technologies in Lawrence, Kan. SecuriKey combines a USB key-like "token" containing an encryption chip with easy-to-install security software, and can be used on everything from a single laptop to an entire network, said Griffin Technologies CEO Bennett Griffin. Once it's installed, a user needs the password and the token to access the computer. When not using it, the user simply pulls the token from the USB port and the system access is automatically blocked, Griffin said. At CCFCU, the SecuriKey system adds a "physical layer of security that integrates with our traditional user authentication methods," says Robert Roemer, vice president of information systems at the 43,000-member CU in Albany, N.Y. The credit union ordered an evaluation copy of the solution after researching it at www.securikey.com and currently has it deployed on eight laptops, with expectations that "as our mobile population expands, so will our use of SecuriKey," Roemer says. "The learning curve is very low. I demonstrated to a co-worker how to install and configure it and the deployment was finished within the week," he says. Ease of use is one of the product's strong points, its biggest backer says. The simplicity of this `ignition key' concept is one of the best features of SecuriKey, as it leads to high user acceptance, a cornerstone of any good security system, Griffin says, noting that a laptop secured simply by a password can be compromised in 20 seconds or less by a skilled hacker. Using such a solution also helps a financial institution assure regulators that it's doing its part to secure personal financial information, says Griffin, who says his company has "hundreds of thousands of USB keys in service throughout the world" at a wide variety of organizations and businesses. "Stronger than any password, using SecuriKey helps a credit union demonstrate that they have indeed taken strong, active steps to limit workstation access to financial data as outlined Gramm-Leach-Bliley," Griffin says. He says the system also provides an audit trail of log-in activity. It comes in versions that either require a notebook to be connected to the network to be installed or can be installed separate from the network, and that a small network can be accommodated for about $99 per seat, or $129 for a single laptop. "As with all security products ROI is not always the best metric to use in terms of effectiveness and cost-benefit analysis," Griffin adds. "It is difficult to quantify the true value associated with the prevention of a network breach or the unauthorized access to confidential client data." Or as Roemer at CCFCU puts it: "Your members' information is your most valuable asset. Protecting it becomes an investment that provides a return impossible to place a number on." -

[email protected]