Crescendo Decrescendo from HID
I don’t really mean to pick on HID. (OK, I do. but just a little. It is such an easy target) :-)
At the RSA show I saw the newly announced HID solution called Crescendo. The HID website describes Cescendo as
a series of highly secure, off-the-shelf smart cards designed to provide out-of-the-box, standards-compliant support for thousands of logical access applications.
I describe it as invisible duct tape.
It was hard for me to see what Crescendo does for its users that any standard access card hanging on the lanyard with a smart card couldn’t do. Sure, having a single card is more elegant than carrying two cards around. But the net result is the same – and at potentially much higher cost (card, infrastructure, maintenance)
You use the Crescendo card in the normal way to access the building, then you may insert the card in a smart card reader attached to a Windows PC for network login.
I liked the seamless integration with Microsoft Windows Vista. (Crescendo uses the Microsoft CardSpace GINA for smart card log in natively). I also liked how this smart card may be deployed easily in any site entirely a mix of iCLASS, Indala and mag stripe access technologies.
Craig Mundie and Bill Gates were promoting that capability in their join keynote at RSA. Robert Lemos had this to say on SecurityFocus.com: "The two Microsoft executives hardly mentioned last week’s launch of Vista, the software giant’s latest operating system for the desktop. While the company’s focus on identity is not new, the Vista operating system brings better tools, including a visual application–CardSpace–that allows users to manage their identities."
I didn’t like the fact that this is just another smart card that can be used for simple network login "duct taped" to an iCLASS card. It’s just not new or exciting.
Yes, with Crescendo I can log into the network, launch a 3rd party single sign on product, or use it to support 3rd party digital signatures. But that can be said for any card by Entrust or Gemalto. I would much rather have seen complementary applications, like Passlogix SSO or SafeBoot disk encryption offered as a value add. I also wish HID and Microsoft didn’t tout Crescendo as the next best thing to sliced bread when it is really just your average "dumb" smart card.