Over the Borderline

Comments

While in Hong Kong, our steely observer discovers that not all mantraps are of the soft and curvaceous ilk.

In the security trade, they call it the mantrap. It has no link with fine looking femme fatales who have a bait all of their own. Instead, it is a small room - often only sufficient in size for one person to stand - that acts as the last line of defence to separate a mission-critical IT system from real-world nasties.

The trap is usually built with steel doors and accessed with a pass code, or entry is gained courtesy of someone hidden in the inner-sanctum, which seals its critical technology behind bulletproof glass and metal-insulated walls. Such multimillion-dollar, physical security measures were put in place long before the language of terrorism became the lexicon of our children. This is how, at the very heart of government, IT systems that help run our lives must be protected.

I was invited into a mantrap the other day. As the door closed with the finality of the metal click of electronic circuitry, my eyes were drawn to a gas canister to my right, bolted at the top of the 3-metre high juncture where the ceiling and wall met. Any aggressive action and my immobilization would be simple yet devastating.

This particular mantrap belonged to the Hong Kong government and was part of the elaborate maze of security that protected the nerve centre of its Immigration Department. Within its steel walls and special glass, which is really polycarbonate plastic of up to 75mm thick, were computers and monitors monitoring every point of entry into this Special Administrative Region of China.

Hong Kong - and especially its Immigration Department - is renowned for its forward-thinking on issues such as security. Its senior IT executives fly around the world, giving lectures on the implementation of smart card and bio-technology recognition. Most recently, there have been a spate of such conferences in the United Kingdom, where the Blair government intends to implement national ID cards in the next three years.

A similar debate peaks and troughs in Australia; following the London bombings the Prime Minister ventured the view that perhaps it was again time to consider the role of ID cards in Australia - a country whose people like to be known for larrikinism that is the antithesis of Big Brother.

In many countries, of course, ID cards are part of daily life. One expatriate colleague in Hong Kong now carries with him a smart ID card with all his details stored. He has the latest generation card, which is currently being rolled out to more than 3 million citizens in Hong Kong. He says that only once in all his years in the territory has he been asked to show it to police. Less reputable looking characters - those without tailored shirts with French cuffs - do get stopped quite regularly. They must present a card - complete with photograph - that holds information about themselves, as well as their visa status.

The Hong Kong Chinese have never had a problem with smart cards. In the late 90s, they were the poster children of the smart card revolution. Their Octopus travel card, which permitted stored value and payment for all forms of public transport, was regarded as a beacon for the future of all transport systems. Nearly a decade on and silly old Sydney, for one, still stumbles and fumbles.

The Australian project to allow smart card access through its Immigration and Customs controls has already been oversubscribed but nothing substantial has been done yet. In Hong Kong, they expect more than 5000 individuals will enter the former British colony through one of 130 scanning machines before 2007.

Identity and access management has become one of the strongest-running software markets in the last five years. With the exception of biometrics, this arena has taken on all the facets of a mature technology. Its value does not have to be as so glamorous or hold such national importance as border control. Many enterprises are embracing access management as part of their own internal security measures, often in response to their own understanding of what it takes to comply with national or international regulations, such as Sarbanes-Oxley.