Smart Cards Key to Information and Identity Security Vision Bill Gates Presented in RSA Keynote
PRINCETON JUNCTION, NJ, Feb. 9, 2007–Luminaries in the information industry made it clear at the just-concluded RSA 2007 conference that smart cards are going to have a vital role to play in protecting digital information and identities in the future.
Microsoft Founder and Chairman Bill Gates, in a keynote presentation at RSA, pointed to identity as the weakest link in information security, and urged information decision-makers to accelerate the transition from weak passwords to smart cards in order to realize the vision of secure anywhere, anytime computing.
“Passwords are not only weak, [they] have a huge problem in that if you get more and more of them, the worse it is,” Gates said. “So we have to evolve from them. We see smart cards as the specific, but certificates in general as the way that these things should go.”
Gates sees this combination of smart cards and certificates as the cornerstone of secure identities. “When you go to a site and you want to get capabilities there, instead of using a password, you should present some sort of certificate that creates a chain of trust about who you are and what you should be allowed to do,” he said.
Gates explained that smart cards provide a way to carry certificates with you and securely use them anywhere. Microsoft has focused on making certificates and smart cards simple to manage and use for identity, including good handling for revocations and exceptions such as “when somebody forgets their smart card.” Gates said with their new capabilities in place, this “really is the milestone where enterprises should start the migration from passwords to smart cards.”
RSA keynote speaker Art Coviello, president of the RSA Security division of EMC, said that since 96% of the world’s data is created digitally, this presents a data management and security issue of monumental proportions, whether data is at rest or on the move.
“We’ve built stronger walls around the data, but that data is fluid and won’t stay behind the wall in the first place,” Coviello said. “We need to secure the king instead of the castle. Information is king and it likes to move around.”
Randy Vanderhoof, executive director of the Smart Card Alliance, agreed with Coviello about the importance of locking down data at rest and on the move, but added that this process also necessitates the use of smart cards as a secure digital key that authorized personnel could use to unlock the data.
“The ease with which information thieves are plying their trade today was unimaginable a few years ago,” Vanderhoof said. “Information needs to move to be useful, so it will still boil down to establishing trust in who you allow to see, move and modify it. The RSA keynotes make it clear there is a sea change coming in information security that is going to put smart cards in the hands of most enterprise information users over the next five years.”
The Smart Card Alliance has a wealth of resources available on the use of smart cards for a variety of applications such as identity management, contactless payment, physical access, healthcare and transportation that includes articles, white papers, industry information and reports. You can learn more by visiting http://www.securetechalliance.org.
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.
Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America.