phillipgriffin.com

Information Security Consulting


phil@phillipgriffin.com | Copyright © 2006-2016, Phillip H. Griffin. All rights reserved. | Privacy Policy


Products Software Capabilities Innovation

Biometric Information Security Management services

Phillip H. Griffin provides biometric information security management services based on the X9.84 and ISO 19092 standards, technology-specific extensions to the ISO/IEC 17799 Code of practice for information security management. Phillip H. Griffin can custom design software to automate enforcement of biometric information security policy, to provide controls that transform biometric information into policy-based management action.

ISO 19092 defines core requirements for managing and securing biometric information for all applications and environments where biometric information is used. These core requirements apply to the transmission and storage of biometric information, and rely on maintenance of a secure biometric event journal that can be used for legal and regulatory compliance and ISMS audit. Phillip H. Griffin services can help you meet these requirements.

Core requirements can be met using physical protection when all biometric system components reside within the same tamper resistant unit and there is no transmission of biometric information. Outside this environment, requirements can be met by using cryptographic mechanisms such as a digital signature and encryption. Phillip H. Griffin software, based on ISO 22895 Cryptographic syntax schema standard, provides security when physical protection is not enough.

ISO 19092 defines control objectives and security controls that can be augmented or trimmed to meet the specific needs of your organization. Phillip H. Griffin helps you make the best trade-offs when selecting security controls, to ensure that you meet ISO 19092 requirements and your own management objectives.

With Biometric ISMS program design and analysis by Phillip H. Griffin you can manage biometric technologies within your identity and access management systems and meet your data privacy objectives by applying ISO 19092 core requirements to:

Phillip H. Griffin works with you to craft efficient, cost effective solutions that are tailored to your organization needs. Services include the design and development of your: