InformationWeek
Defining The Business Value Of Technology
July 12, 1999
 Print this story |
Virus Attack
continued...page 5 of 6
Members receive software to load onto their PCs, a smart card with their personal identification information, and a smart-card reader. Before players can enter the online casino, they have to enter their log-ons and passwords, then answer a variety of questions. All of the transmitted information is encrypted using a proprietary cryptographic scheme. Once members make it through that exchange, they are allowed access to the network--but not to the gambling application itself.
Bally's is bound by gambling laws that vary by jurisdiction, so the system has to verify the member's location. The application essentially traces the call and compares the phone number to a table of exchanges in areas where gambling is legal. Fontaine says Bally's is interested in other emerging techniques, such as biometrics that authenticate a user's identity based on unique traits such as a fingerprint.
Biometric technology also appeals to Blueline Online, a building project management portal. The Palo Alto, Calif., company runs an Internet collaboration system that construction companies and their subcontractors can use to share project design and other building information.
"The liability issues in construction are unbelievable," says Ashok Segu, chief technology officer and VP of engineering for Blueline Online. "If it takes two years to build a building, it takes 20 years to get out of it legally. Construction is a very litigious industry."
Using biometric measures such as fingerprints to create and validate an audit trail would be very helpful, Segu says. But the expense and immaturity of biometric technology keep Blueline Online from investing in it now. Instead, the portal company uses database access records, including date and time information, to create an audit trail.
While preventing unauthorized access and verifying the identity of those who do gain access are among the top priorities of many companies, a growing number are recognizing the importance of taking direct steps to protect their data. About 60% of the respondents use some form of cryptography to scramble data so it's useless to anyone but those authorized to see it. "Cryptography is the enabler of E-business," says PricewaterhouseCoopers' Lobel. "People are really starting to get it."
The skyrocketing growth of applications such as electronic commerce and Web hosting presents IT managers with a new challenge: how to maintain security standards while giving customers or business partners access to systems. One approach that's becoming more popular is the use of virtual private networks, which create secure, encrypted transmission tunnels to carry business data over private and public IP networks. Use of VPNs to transmit data securely rose to 27% this year, up from from 11% in last year's survey.
"We were still a small company when we started out in 1997. We looked at managing our own VPN, but it made more sense to outsource it," says Segu. "For our customers, it's almost like putting the crown jewels in a bank. You have to ask how well you know the bank. Since we were new, no one knew us that well. So it seemed logical to go with a service provider that specializes in VPNs."
In the United States, VPNs are particularly popular as an inexpensive way to connect remote users to the enterprise. PricewaterhouseCoopers is in the process of deploying a VPN to link 35,000 remote-access workers to its network. The cost savings comes from eliminating long-distance calls. With a VPN, remote workers make a local call to an Internet service provider to connect to the company network via the Internet, rather than making a long-distance call to the company's modem pool.
Illustration by Teofilo Olivieri
Security Requirements
Related links:
Implementing a system that satisfied Bally's own security needs as well as the legal requirements wasn't easy. To become a member, a potential player must first go in person to a casino office, show proof of age, and then open an account with a cash deposit. Gamblers can only wager up to the amount of money held in trust for them by the casino.
Blueline Online uses Pilot Network Services' hosted VPN to secure the connections between the construction companies and subcontractors that use its site.
continued...page 6
return to page 1, 2, 3, 4
Back to This Week's Issue
