AirID protects your data while you roam the office
- By John Breeden II
- Sep 28, 1998
Pros and cons:
+ Hands-free supplemental security
+ Scan range adjustable
+ Noninterfering frequency
Security exposure from lost badges
Windows 9x or NT
All the network security in the world does no good if logged-in users leave their
computers on and unattended during breaks or at lunch. An office full of such computers is
an open invitation to mischief.
Some security-conscious agencies require users to log off every time they leave their
computers, even for an instant. Over the course of a day, the repeated log-offs and
log-ins steal time from meaningful work.
What if computers were smart enough to lock themselves down when users left and come
back to life automatically when they returned? AirID from RF IDeas Inc. does this by
detecting the proximity of an authorized user. If the person steps away, the system locks
down with a screen saver that wont unlock until the user returns. Thats a
pretty powerful supplemental security tool.
The AirID black box, equipped with a radio-frequency transmitter and a 3-inch-long
antenna, attaches to the COM port of a standard PC or server. Users clip a credit
card-sized badge to their clothing to identify themselves to the box. For greater
security, the badge need have no visible identification, such as a name or photo.
While a user sits and works at the PC, the badge and the box communicate at a radio
frequency of 916.5 MHzoutside the range of cellular phones and most wireless
networking products. The narrow frequency holds down potential interference with other
electronic devices. A lot of odd signals bounce around the GCN Lab, and my test badge
never had a problem communicating with its base unit.
Whenever a badge-wearing user leaves the computer, it locks up after the base unit has
had no contact with the badge for a set time. The default, one minute, is about right to
prevent accidental lockups.
An auditing feature, which runs under Microsoft Windows, records user events such as
manual password or badge access and automatic log-ins by badge-wearing Windows NT users.
Users select one of four settings for badge scanning: short, shortest, long or longest
distance from the base unit. In practice, the shortest scanning range forced me to sit too
close to my PC for comfort. If I leaned back in the chair, I risked causing a lockup.
At the longest setting, the badge was detectible from more than 20 feet, even with lab
doors closed to isolate it from the base unit. Thats a bit too far for high
security; you could be in another room, out of sight of your PC, and still be logged in.
The long setting worked best for me and seemed appropriate in open or cubicle
RF Ideas officials claim the badges dime-sized lithium battery will last a year
if the user triggers badge scans only by tapping the keyboard. You can set the base unit
to query continuously for authorized badges without any user interaction, but this drains
the badge batteries much faster and is not recommended.
Breaking in proved difficult, though there were some exploitable holes in AirID. One
especially nice feature: If the base unit is disconnected, no user can log in without the
proper badge. You can sever the cable between base unit and PC to prevent anyone from
logging in, but you cant gain access that way.
You can, however, simply reboot the computer. This is the main reason AirID will always
be a supplemental security product. Rebooting sends users to the main security gateway,
assuming there is one. Users can still log in with passwords, too.
The biggest security hole is the potential for badge loss. Anyone who finds or steals a
badge might get into the network. Employees would have to be trusted to report lost or
stolen badges immediately.
AirIDs screen saver is pretty ugly and youre stuck with it on systems
running Windows 9x, but not under Windows NT.
Each badge has a unique serial number, so multiple badges can be set up in the same
office. AirID is perfect supplemental security for busy users who step away from their
desks often and dont want to have to worry about network security exposure.
John Breeden II is a freelance technology writer for GCN.