Smart cards that use radio frequencies (RF) to transmit information offer operational flexibility, better product management and other benefits.
Public and private organisations alike are handing out RF-enabled smart badges to employees, allowing them to track activities and enforce security policies. However, given the amount of information RF provides, many critics are worried the technology infringes on people's privacy.
The privacy question
Do RF-enabled smart cards compromise employee privacy? Not if companies implement them correctly. The Smart Card Alliance (SCA) noted that maintaining worker confidentiality involves two steps:
- Enabling personnel to dictate how their information is used
- Exercising information security protocols and technology that protect data
So, before printing out smart cards with RF capabilities, organisations should divulge how they intend to manage employee data and allow them to voice their perspective on the matter. Simply listening to information management requests isn't enough. Companies must factor in employee sentiments when developing protocols.
Once employers gain the confidence of their personnel, they must address the resiliency of their back-end systems. Whenever a worker uses his or her badge to check out an item, enter a facility or perform some other task, the data associated with the action is sent to a database for further processing.
The question is: How secure is the database? This is a consideration the IT team will have to answer. Without getting too technical, the primary goal should be to control which administrators can access the system. If IT personnel deem it necessary, applying row-level security to protect specific data sets is also a valid option.
Moving away from the database, organisations shouldn't ignore network security. Ensuring firewalls and anti-intrusion systems are in place goes without saying, but taking additional measures obviously doesn't hurt.
At the onset of an employee ID badge project, address data protection and confidentially concerns before anything else.