Thursday, February 08, 2007

Active Directory integrated Biometrics

I ran into my friends Vance Bjorn (CTO) and Fabio Righi (Prez & CEO) of DigitalPersona while I was at RSA. It was really great to see them. They are making tremendous progress with their biometric fingerprint readers. They've never told me but I am pretty sure they have OEM'ed their readers to the likes of IBM for use in their ThinkPad computers. I hope so because I have a ThinkPad and use my fingerprint to login to Windows all the time. I know that they are the OEM for the Microsoft fingerprint reader.

Their stuff is really, really well integrated with Active Directory. They were one of the first companies to jump on using ADAM (Active Directory Application Mode) to get around the need for a schema extension to Active Directory. In addition, they can control almost every aspect of the reader via Group Policy.

If you buy a reader from DigitalPersona you can use it to enable domain logon. If you use the Microsoft OEM version you'll find out that this is specifically disabled. Seems that the nitwits over in the security group think it isn't as secure as a password. We all know how secure passwords are, right?!

Anyway, I wish them the best of luck. They've worked so hard on this and it's really great to see it taking off!

p.s. When I made the decision to leave Microsoft there were two companies on the top of my list that I wanted to work at. One was Vintela and the other was DigitalPersona.

Technorati Tags:
, ,

No comments: