Amazon Web Services Launches Amazon One Enterprise Security Services
Amazon Web Services (AWS) boasts that its Amazon One Enterprise security platform replaces the need for multiple authentication tools, and it emphasizes that as part of the service, employees can use their palm to physically access building spaces and digital assets.
LAS VEGAS—Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company, has announced Amazon One Enterprise, a palm-based identity service for comprehensive and easy-to-use authentication that is designed to improve organizational security, while helping to prevent security breaches.
AWS states the new service enables organizations to provide a fast, convenient, and contactless experience for employees and other authorized users to gain access to physical locations that include data centers, office and residential buildings, airports, hotels and resorts, and educational institutions, as well as digital assets such as restricted software resources ranging from financial data to HR records. Amazon One Enterprise eliminates operational overhead associated with the management of traditional enterprise authentication methods, like badges and PINs. IT and security administrators can easily install the Amazon One devices and manage users, devices, and software updates in the AWS Management Console.
“Amazon One Enterprise’s palm recognition technology is designed to deliver a highly accurate identification service that increases an organization’s overall security, while offering seamless authentication management with lower operational overhead,” says Dilip Kumar, vice president of AWS Applications. “With Amazon One Enterprise, security administrators also have a centralized view of all user authentications across the organization, taking the stress out of managing multiple access control solutions. Businesses appreciate the privacy and convenience for their users, who can access physical locations and software assets with just a hover of their palm.”
Amazon One Enterprise Solves Common Security Problems
Today Amazon One Enterprise asserts, organizations authenticate employees and other authorized individuals to access buildings and software resources through physical means like badges and fobs, or digital methods like PINs and passwords. However, these traditional methods share common security vulnerabilities. Badges and fobs can be lost, shared, cloned, or stolen, while PINs and passwords are easily forgotten, guessable, or shared. Many traditional forms of authentication also require manual verification and time-intensive credential management, along with the cost of producing physical IDs. For employees, forgetting or replacing badges, PINs, and passwords can lead to frustration, wasted time, and lower productivity. Organizations have tried to solve these challenges through biometric-based solutions like iris scanning and fingerprint recognition, but these solutions are not always accurate. Customers also want solutions that help break silos in the implementation and management of user authentication. For example, an organization might use badges to access buildings, but passwords to access software resources and digital assets. This requires administrators to manage multiple authentication methods without full visibility into all authorized access across the organization. IT and security administrators want an easy and centralized view of authentications (e.g., who accesses a location or software resource at what time), and to easily monitor device usage and manage software updates.
The company explains that Amazon One Enterprise is a new, fully managed service that provides accurate and secure enterprise access control through an easy-to-use biometric identification device. Security is built into every stage of the service, from multi-layered security controls in the Amazon One device to protection of data in transit and in the cloud. Amazon One Enterprise combines palm and vein imagery for biometric matching and delivers an accuracy rate of 99.9999%, which exceeds the accuracy of other biometric alternatives—even more accurate than scanning two irises. The new service’s palm-recognition technology uses advanced artificial intelligence and machine learning to create a palm signature that is associated with identification credentials like a badge, employee ID, or PIN. The palm signature is a unique numerical vector created from the user’s palm image that cannot be replicated or used for impersonation. To implement Amazon One Enterprise, IT and security administrators can easily install Amazon One devices on-site and activate them in the AWS Management Console. Administrators can also manage all aspects of user authentications in the console, including monitoring the status of installed devices, managing software updates, and getting analytics on user enrollment and usage, while reducing the amount of time and overhead involved in the manual verification of credentials.
Additionally, with employees using their palms for authentication, customers eliminate much of the cost associated with buying fobs, and printing, issuing, and managing badges and other IDs. Amazon One Enterprise supports industry standard access-control protocols such as Open Supervised Device Protocol (OSDP) and Wiegand.
AWS boasts that Amazon One Enterprise delivers new levels of convenience for employees. It replaces the need for multiple authentication methods, and employees can use their palm to access physical spaces and digital assets. To begin, a user can enroll by hovering their palm over an Amazon One enrollment device and associating their palm with their organization’s preferred ID—such as badges, PINs, and passwords—and this can be done in less than a minute. After enrollment, users access physical locations simply by hovering their palm over an Amazon One device attached to common physical access control systems for uses such as unlocking doors, entry gates, and other barriers. When connected to computers or other enterprise systems, Amazon One Enterprise authenticates users for access to web applications and software. Protecting the privacy of these users is one of the foundational elements of Amazon One Enterprise. The new service is designed to ensure palm images, user credentials, and other metadata are immediately encrypted, using industry leading encryption technology, and sent to a dedicated Amazon One Enterprise service account in the AWS Cloud, with all of the security and isolation features of AWS. To further enhance privacy, each user’s palm data is encrypted using a unique key. When employees leave the organization or decide to unenroll, they can delete their palm data by choosing the “Unenroll” option on the Amazon One device, or an IT administrator can unenroll them through the AWS Management Console.
Boon Edam is a manufacturer of revolving doors, security doors, and security turnstiles for customers across the globe, and it is using the newly announced AWS security service.
“Our mission at Boon Edam is to protect what matters most to our customers by creating an ideal secured entry solution,” adds Patrick Nora, president, Boon Edam Americas. “With Amazon One Enterprise, we can offer authorized entrances using innovative palm biometric technology that raises our security bar and delivers a convenient workplace experience. Our customers can prevent unauthorized entry, reduce the time spent monitoring access, and keep traffic moving smoothly.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.