& cplSiteName &

Verizon Smart Credential Secures Physical, Virtual Assets

Carol Wilson
6/23/2014
50%
50%

Verizon today unveiled a new approach to stemming data breaches that combines protection of physical and virtual resources, and addresses issues posed by lost user passwords/credentials. The new Smart Credential offer combines a cloud-based service that has pay-as-you-go features with a physical security card that can be used for building access, or as part of a multi-factor security system. (See Verizon Offers New Data Breach Solution.)

Lost passwords and security credentials contribute to two-thirds of the data breaches reported in Verizon's 2014 Data Breach Investigations Report. The Smart Credential system was developed for enterprises looking to protect both physical and virtual assets, says Johan Sys, managing principal, Identity & Access Management, Verizon Enterprise Solutions .

"There is a lot of focus on protecting the virtual resources of a company but there has been a hole in the security coverage," Sys says. "Proximity cards -- those used to physically access an office building or parking garage -- are 30-year-old security systems and are actually very insecure."

The problem has been how to physically replace proximity cards for a business with multiple locations, some of which are leased, all at the same time. Verizon's approach lets companies move to a single security credential that incorporates the physical facility, and lets companies do it by paying per month, per card user.

By creating a single smart card that can be easily disabled if lost or stolen, Verizon is extending its managed security services to cover physical facilities and virtual assets and doing it in a way that lets businesses move to a more secure system without ripping out what they have today.

In addition to providing secure access to physical facilities, the cards offer logical access to workstations and networks, as well as authentication for online access to secure facilities, and digital signature and encryption that are typically part of a Public Key Infrastructure (PKI) system. The Smart Credential system doesn't require the new capex of a PKI approach to encrypting and authenticating data because the approach is cloud-based. The Smart Credential can be used as a basic authentication token, or as part of a multi-factor authentication system that also requires a user-provided password, or answer to a security question, or a biometric factor such as a fingerprint.

Changes are made via a web-based portal and cards that are lost or stolen can be instantly disabled. The Smart Credential system is set up to be interoperable with US government standards including the federal government's Personal Identity Verification Interoperability (PIV-I) standard.

The new Smart Credential is the latest in Verizon Enterprise Solutions' ongoing rollout of managed security options. You can find more information in the stories listed below:

— Carol Wilson, Editor-at-Large, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
brookseven
50%
50%
brookseven,
User Rank: Light Sabre
6/23/2014 | 7:00:01 PM
Re: Security cards
Carol, Cards like that can already be remotely deactivated. Most exit procedures should include that as well as collecting such cards. The fact that Dan has it and it works points to the process and people problems in security that no amount of technology can overcome. seven
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
6/23/2014 | 5:33:18 PM
Re: Security cards
In the Verizon example, that card Dan used to break into the [NAME REDACTED] building in Chicago would have been remotely disabled when he left the company. 

But that's a great example of why these "proximity" cards aren't very secure. One mistake - not following up to insist a departing employee turn in his ID card - and an entire building is vulnerable...and to a guy like O'Shea, no less. 

 
Ariella
50%
50%
Ariella,
User Rank: Light Sabre
6/23/2014 | 12:51:10 PM
Re: Security cards
@DoShea, it's just incredible that the card still works after all that time. Not exactly secure then, is it? 
DOShea
50%
50%
DOShea,
User Rank: Blogger
6/23/2014 | 12:08:31 PM
Security cards
I remember several years ago still having a security card for a former employer that still worked almost a year after I had left the company. I was going to have lunch with one of my ex-coworkers there, just decided to see if it would work, and it did. This was after the security team had already let me go to the elevator bank because I looked familiar to them, and nodded in a familiar way at them.

Interesting offering, and I see the need for it, and what the cloud brings to it, but why even have the physical card when other options exist?
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
6/23/2014 | 11:38:25 AM
Bioinformatics
I've been checking into 24 Hour Fitness for what seems like five years now using just my index finger thumbprint (plus entering a code number on a keypad).   Given, the security risks are somewhat low for a gym, but at what point can they roll something like this out for business access.

And residential access too.  As a single person, I dread the thought of losing my keys, wallet, smartphone, after hours.   What would I do if I were locked out of my apartment with no money at 2 am?   I would much prefer we started switching to facial or fingerprint recognition.

 
From The Founder
Download our complete guide to de-risking NFV deployment in 2016, including:
  • An eight-step strategy to deploying NFV safely, based on input from the companies that have already started virtualizing their production networks.
  • Interviews with leading executives at Colt, AT&T, Deutsche Telekom, Cisco, Nokia, ZTE, Ericsson and Heavy Reading.
  • Flash Poll
    Live Streaming Video
    Prepping for the Future: Upskill U Explained
    During this short kick-off video, Doug Webster, Vice President of Service Provider Marketing, Cisco, and Light Reading’s CEO & Founder Steve Saunders give an overview of Upskill U.
    LRTV Huawei Video Resource Center
    Digital Operation Transformation Roundtable Wrap-Up

    5|6|16   |     |   (0) comments


    Industry leaders at the Digital Operation Transformation Summit give their final thoughts at the roundtable.
    LRTV Huawei Video Resource Center
    Peter Sany on Digital Transformation

    5|6|16   |     |   (0) comments


    Peter Sany gives his view on digital transformation at the DOT Summit in Barcelona.
    LRTV Huawei Video Resource Center
    James McQuivey on Digital Transformation

    5|6|16   |     |   (0) comments


    James McQuivey gives his view on digital transformation at the DOT Summit in Barcelona.
    LRTV Interviews
    Courting the Apartment Crowd

    5|6|16   |     |   (0) comments


    In this LRTV interview, AT&T's Adrian Cardwell details the changing dynamics of the MDU markets and explains how AT&T is pursuing apartment dwellers with GigaPower.
    LRTV Interviews
    Demand Surges for On-Demand Ads

    5|5|16   |     |   (0) comments


    Ed Knudson, VP, Product and Strategy at Canoe Ventures, discusses the rising appeal of VoD ads and the challenges on inserting ads dynamically in live TV programming.
    LRTV Custom TV
    Exclusive: Video Interview With Sckipio CEO David Baum

    5|5|16   |     |   (0) comments


    At his headquarters in Tel Aviv, G.fast visionary David Baum, CEO of Sckipio, provided an exclusive interview to Light Reading and showed how innovations in rate and reach, vector densities, fast reconnecting times and SFP-based residential gateways are expanding the potential of G.fast.
    Telecom Innovators Video Showcase
    Atrinet's NetACE – Migration to NFV & SDN With NetOps-Driven LSO

    5|4|16   |     |   (0) comments


    At Atrinet's headquarters, Ray Le Maistre sits down with Roy Silon to get an in-depth look into the company's focus and the secret recipe for their success.
    LRTV Huawei Video Resource Center
    Amsterdam ArenA, Powered by Huawei

    5|4|16   |     |   (0) comments


    Huawei's ICT solutions power the state-of-the-art Amsterdam ArenA, turning it into a smart stadium.
    LRTV Interviews
    Testing When There's No 'There' There

    5|4|16   |     |   (1) comment


    The benefits of SDN/NFV are well known, but the transition comes with some challenges, prominent among them is: how do you test a network that has been abstracted and has the potential to be endlessly reconfigurable? Light Reading was at NFV World Congress in Santa Clara, Calif., where we bumped into Mats Nordlund, CEO and co-founder of Netrounds, a Swedish ...
    LRTV Interviews
    Ditching the Slash & the Orchestration Wars

    5|3|16   |     |   (2) comments


    SDN and NFV have been inextricably bound with each other for so long that on a conceptual level, smooshing them together into one catch-all phrase – SDNFV – is now justifiable, according to Dan Pitt, executive director of the Open Networking Foundation (ONF). Light Reading spoke to Pitt at the NFV World Congress, where he explained that the next ...
    LRTV Custom TV
    ZTE TV Connect Highlights

    5|3|16   |     |   (0) comments


    ZTE gives us a tour of its booth and new products at TV Connect in London.
    LRTV Custom TV
    Deluxe's Unified Delivery Solution

    5|3|16   |     |   (0) comments


    Join Alan Breznick of Light Reading and visit the Deluxe booth at NAB! Here you'll find Deluxe's Unified Delivery Solution, OTT video, virtual reality, HDR, 4K and much more!
    Upcoming Live Events
    May 23, 2016, Austin, TX
    May 23, 2016, Austin Convention Center
    May 24-25, 2016, Austin Convention Center, Austin, TX
    September 13-14, 2016, The Curtis Hotel, Denver, CO
    December 6-8, 2016,
    June 16-18, 2017, Austin Convention Center, Austin, TX
    All Upcoming Live Events
    Infographics
    A new survey conducted by Heavy Reading and TM Forum shows that CSPs around the world see the move to digital operations as a necessary part of their overall virtualization strategies.
    Hot Topics
    Sprint CEO: Our Spectrum Is for 5G
    Dan Jones, Mobile Editor, 5/3/2016
    Upskill U Kicks Off IoT Lectures With Ericsson
    Kelsey Kusterer Ziser, Editor, 5/4/2016
    Showdown at the OpenStack Corral
    Carol Wilson, Editor-at-large, 5/3/2016
    WiCipedia: 'Meternity,' Lemonade & Chores
    Eryn Leavens, Special Features & Copy Editor, 5/6/2016
    Nokia's Motley: Confidence Paves Career Paths
    Sarah Thomas, Director, Women in Comms, 5/2/2016
    Like Us on Facebook
    Twitter Feed
    BETWEEN THE CEOs - Executive Interviews
    In this latest installment of the CEO Chat series, Craig Labovitz, co-founder and CEO of Deepfield, sits down with Light Reading's Steve Saunders in Light Reading's New York City office to discuss how Deepfield fits in with the big data trend and more.
    Grant van Rooyen, president and CEO of Cologix, sits down with Steve Saunders, founder and CEO of Light Reading, in the vendor's New Jersey facility to offer an inside look at the company's success story and discuss the importance of security in the telecom industry.
    Animals with Phones
    Sloth Mail Click Here
    Sloth mail -- somehow even slower than snail mail.
    Live Digital Audio

    Of all the tech companies in the Valley, Intel has made the most aggressive commitment to building a diverse and inclusive workplace culture. It's doing so by taking concrete, measurable steps, making a large financial investment and through a commitment to complete transparency about its progress. In this radio show, WiC Director Sarah Thomas will be joined by Shlomit Weiss, Intel's Vice President, Data Center Group, and General Manager of Networking Engineering, who will share with us why Intel is tackling this huge challenge, how and to what effect. She will also discuss her unique experiences leading development of Client SOC development in the past and today leading development of all of the chipmaker's silicon hardware for networking IPs and discrete devices and managing a team of 600 engineers across Israel, Europe and the US.