It happened again. Laptops containing critical information were stolen. In this case, the PCs were taken from a company hired to provide services to Petrobras, Brazil’s state-run oil firm. Petrobras disclosed that the data pertained to the location of new oil discoveries and that the information affects Brazil’s national interests. Uh oh.

How would you like to be the corporate security officer awakened in the middle of the night with news that laptops containing your company’s critical information were stolen? One way to keep your stomach from turning (and to hang on to your job) is to use good endpoint security to make sure the data isn’t vulnerable. Now there’s a new twist on how to secure your laptops (Compare Data Leak Protection products).

Secure biometrics company UPEK and authentication solution provider RSA, The Security Division of EMC, have collaborated to deliver a strong yet easy-to-use endpoint security solution that can be used to authenticate an employee remotely accessing corporate networks. In early February, UPEK announced the availability of several products that form the basis for biometrics-based multifactor authentication using embedded RSA SecurID technology. Here’s what’s new from UPEK:

* The Protector Suite QL software has been updated and certified as RSA SecurID Ready.
* The Eikon Digital Privacy Manager USB peripheral is now embedded with RSA SecurID technology.
* Millions of notebook PCs with embedded UPEK fingerprint sensors are now RSA SecurID Ready.

What this all means is that you can have one device that reads a user’s fingerprint and validates that person’s identity and then issues a tokencode that is sent to an RSA Authentication Manager server to fully authenticate the person. That device can be the new USB peripheral or a fingerprint reader that is built into the laptop PC. This eliminates the need for a second, separate security token (Compare Identity Management products).

It works like this. An administrator issues a SecurID token seed to an end user. The seed gets provisioned into the UPEK Digital Identity Engine and then forms a biometric token. After import, the SecurID token is protected by the UPEK Digital Identity Engine for use in Protector Suite QL, which locks the token to the specific user and is tied to his unique fingerprint. To authenticate, the user swipes his finger on the reader, and upon a successful fingerprint match, a tokencode is generated for use with an RSA Authentication Manager server.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.