Network, Physical Access Via One Device? Meet Mobio


Dubbed Mobio, the offering consists of a handheld device and back-end server integration between multiple network and physical security systems, which allows it to replace passwords, swipe cards, tokens and PINs, said Clovis Najm, founder of CEO of Cryptolex, based in Owings, Md.

Mobio runs on Cryptolex's proprietary Universal ID System, which weaves together elements of biometrics and cryptography and provides strong authentication for building and door access, network access, and access to VPN and Web applications, according to Najm.

Mobio uses a server API to facilitate its integration into multiple environments, including Windows, Citrix, Linux, Solaris and BSD Unix, Najm said. "It's the back-end infrastructure that enables Mobio to be used in all sectors simultaneously," he added.

Mobio uses an algorithm that converts biometric data from a person's fingerprint into a random number called a biocode. The number can be securely transmitted over a network even if the network itself isn't securebecause it's based on a person's unique biometric data and lasts only for a few seconds, Najm said.

Sponsored post

Biocodes also give companies a data trail to log, track and audit access to their network and physical security systems, and they can't be used by another person if they're lost or stolen, Najm added.

Richard Stiennon, chief research analyst at research firm IT-Harvest, says Mobio will be successful if Cryptolex can deliver on the back-end infrastructure integration and overcome companies' fears of putting multiple security functions within a device that can easily be misplaced.

"The key will be overcoming the usage ideas of having a single device and putting so much power into a single token," said Stiennon. "There's been a lot of resistance from users to adopting that, but it's obviously a really great way to include thumbprints with strong authentication."

Cryptolex, whose target markets include the U.S. Department of Defense as well as Fortune 1000 firms, plans to recruit licensed security integrators to integrate Mobio with other back-end systems, said Najm. Once the Mobio offering gains a foothold in the market, the company will also look to recruit security VARs to sell the technology, Najm added.

Dale Mitchell, general manager at Cincinnati-based solution provider Data Processing Sciences, says some companies have held off on deploying biometric systems because of privacy concerns, and the companies that would consider these solutions usually already have two-factor authentication architectures in place.

"In theory, [Cryptolex has] the perfect technology, but is the market in the right place for the combination of physical and network access to really take off?" said Mitchell.

Cryptolex would be wise to follow the example of vendors such as RSA Security, which has been successful with two-factor authentication because it has positioned its solution as a security architecture that handles everything from access to applications to administration capability, Mitchell said.

Clients that are looking for this type of offering usually want an architecture as opposed to a product, and solution providers will need to take this into account when considering the Mobio device, said Mitchell.

The combination of network and physical access is such a new concept that solution providers will have to consistently discuss the benefits of the technology with customers over the next several quarters, according to Greg Hanchin, principal of security integrator DirSec, Centennial, Colo.

"It's going to be awhile before the midmarket is ready for this type of solution," Hanchin said.

However, he believes that the convergence between the disparate worlds of physical and network security is well under way, based on what he's seen on the street.

"We're starting to see some dialogues in which there will be a physical layer guy in the room for an IT discussion, where two years ago he wasn't part of that discussion," Hanchin noted. Still, Cryptolex faces an uphill climb as it seeks to differentiate itself from the legions of security startups and successfully penetrate the midmarket, Hanchin said.

"You see a lot of these startups trying to disrupt or create new channels for products," he said. "We've introduced so much new technology into our accounts that we've realized when you're an evangelist, sometimes you don't make money."

The Mobio offering is available now and is priced at $80 per seat annually, with an additional annual subscription fee of $60 per seat for applications and libraries.