Light Reading

Verizon Smart Credential Secures Physical, Virtual Assets

Carol Wilson

Verizon today unveiled a new approach to stemming data breaches that combines protection of physical and virtual resources, and addresses issues posed by lost user passwords/credentials. The new Smart Credential offer combines a cloud-based service that has pay-as-you-go features with a physical security card that can be used for building access, or as part of a multi-factor security system. (See Verizon Offers New Data Breach Solution.)

Lost passwords and security credentials contribute to two-thirds of the data breaches reported in Verizon's 2014 Data Breach Investigations Report. The Smart Credential system was developed for enterprises looking to protect both physical and virtual assets, says Johan Sys, managing principal, Identity & Access Management, Verizon Enterprise Solutions .

"There is a lot of focus on protecting the virtual resources of a company but there has been a hole in the security coverage," Sys says. "Proximity cards -- those used to physically access an office building or parking garage -- are 30-year-old security systems and are actually very insecure."

The problem has been how to physically replace proximity cards for a business with multiple locations, some of which are leased, all at the same time. Verizon's approach lets companies move to a single security credential that incorporates the physical facility, and lets companies do it by paying per month, per card user.

By creating a single smart card that can be easily disabled if lost or stolen, Verizon is extending its managed security services to cover physical facilities and virtual assets and doing it in a way that lets businesses move to a more secure system without ripping out what they have today.

In addition to providing secure access to physical facilities, the cards offer logical access to workstations and networks, as well as authentication for online access to secure facilities, and digital signature and encryption that are typically part of a Public Key Infrastructure (PKI) system. The Smart Credential system doesn't require the new capex of a PKI approach to encrypting and authenticating data because the approach is cloud-based. The Smart Credential can be used as a basic authentication token, or as part of a multi-factor authentication system that also requires a user-provided password, or answer to a security question, or a biometric factor such as a fingerprint.

Changes are made via a web-based portal and cards that are lost or stolen can be instantly disabled. The Smart Credential system is set up to be interoperable with US government standards including the federal government's Personal Identity Verification Interoperability (PIV-I) standard.

The new Smart Credential is the latest in Verizon Enterprise Solutions' ongoing rollout of managed security options. You can find more information in the stories listed below:

— Carol Wilson, Editor-at-Large, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Light Sabre
6/23/2014 | 7:00:01 PM
Re: Security cards
Carol, Cards like that can already be remotely deactivated. Most exit procedures should include that as well as collecting such cards. The fact that Dan has it and it works points to the process and people problems in security that no amount of technology can overcome. seven
Carol Wilson
Carol Wilson,
User Rank: Blogger
6/23/2014 | 5:33:18 PM
Re: Security cards
In the Verizon example, that card Dan used to break into the [NAME REDACTED] building in Chicago would have been remotely disabled when he left the company. 

But that's a great example of why these "proximity" cards aren't very secure. One mistake - not following up to insist a departing employee turn in his ID card - and an entire building is vulnerable...and to a guy like O'Shea, no less. 

User Rank: Light Sabre
6/23/2014 | 12:51:10 PM
Re: Security cards
@DoShea, it's just incredible that the card still works after all that time. Not exactly secure then, is it? 
User Rank: Blogger
6/23/2014 | 12:08:31 PM
Security cards
I remember several years ago still having a security card for a former employer that still worked almost a year after I had left the company. I was going to have lunch with one of my ex-coworkers there, just decided to see if it would work, and it did. This was after the security team had already let me go to the elevator bank because I looked familiar to them, and nodded in a familiar way at them.

Interesting offering, and I see the need for it, and what the cloud brings to it, but why even have the physical card when other options exist?
User Rank: Light Sabre
6/23/2014 | 11:38:25 AM
I've been checking into 24 Hour Fitness for what seems like five years now using just my index finger thumbprint (plus entering a code number on a keypad).   Given, the security risks are somewhat low for a gym, but at what point can they roll something like this out for business access.

And residential access too.  As a single person, I dread the thought of losing my keys, wallet, smartphone, after hours.   What would I do if I were locked out of my apartment with no money at 2 am?   I would much prefer we started switching to facial or fingerprint recognition.

Educational Resources
sponsor supplied content
Educational Resources Archive
From The Founder
Steve Saunders provides an overview of white box networking and introduces a new "slim line" version of the OSI 7-layer model.
Flash Poll
Live Streaming Video
CLOUD / MANAGED SERVICES: Prepping Ethernet for the Cloud
Moderator: Ray LeMaistre Panelists: Jeremy Bye, Leonard Sheahan
Between the CEOs
Centec on Ethernet Switching

11|26|15   |   09:58   |   (0) comments

Centec CEO James Sun talks to Steve Saunders about Ethernet switching and the white box revolution.
LRTV Custom TV
Delivering Service Agility in the Virtualization Era

11|25|15   |   5.41   |   (0) comments

Interview with Massimo Fatato, WW OSS Business Lead, Hewlett Packard Enterprise.
Wagner’s Ring
How Might Open Source Fail?

11|24|15   |     |   (10) comments

Open source, SDN, and NFV are looking inevitable – but performance, standards proliferation and regulatory capture could derail the movement.
LRTV Custom TV
NFV Lifecycle Orchestration – a Fresh Vision for Telco

11|23|15   |   6.40   |   (0) comments

Simon Osborne, CTO Comptel, and Heavy Reading's Caroline Chappell reveal the business impacts of new SDN and NFV, and what the term service orchestration actually means. Together they define Lifecycle Service Orchestration and how the virtualized future will look for telecoms operators.
Between the CEOs
Cisco's Virtual Role in Saudi

11|20|15   |   12:15   |   (2) comments

Light Reading founder and CEO Steve Saunders talks with Zayan Sadek, Regional Manager at Cisco Systems, about the competitive communications services market and advance of virtualization in Saudi Arabia.
LRTV Huawei Video Resource Center
Huawei Leads With Kubernetes for Cloud PaaS

11|19|15   |   08:26   |   (0) comments

Huawei is looking to Kubernetes as a key tool for building robust open source technologies for customers and partners, said Ying Xiong, chief architect of cloud platform at Huawei, in an interview with Light Reading West Coast Bureau Chief Mitch Wagner at the recent Kubecon conference.
Women in Comms Introduction Videos
WiC in London: The Highlight Reel

11|19|15   |   5:33   |   (1) comment

NetCracker's Mervat El Dabae headlines an inspiring morning in London with help from leading women from Vodafone, TalkTalk, Hyperoptics and Ciena.
LRTV Documentaries
Why Saudi's So Hot for New Tech

11|19|15   |   05:07   |   (0) comments

Light Reading's Steve Saunders reports from Saudi Arabia, a hyper-competitive market desperate to embrace the next generation of communications technologies and services.
LRTV Custom TV
Why Data Models Deliver More Value Than Information Models

11|19|15   |   5.08   |   (0) comments

Stefan Vallin argues that more automation is needed to manage end-to-end services and the hybrid networks they run on, and that data models are key to achieving this.
Telecom Innovators Video Showcase
SDN Management & Orchestration in the WAN

11|17|15   |   7.20   |   (0) comments

Carol Wilson and Packet Design CTO Cengiz Alaettinoglu discuss CSPs' SDN service delivery and assurance requirements. Learn about a modular approach to building automated control, orchestration and management functions for the WAN that are policy- and analytics-driven.
LRTV Custom TV
Flash Networks: Optimizing for Radio Spectral Efficiency

11|17|15   |   3:34   |   (0) comments

Today most optimization vendors only focus on optimizing voice or data. Ofer Gottfried, Flash Networks' CTO, shows how improving data throughput and maximizing spectral efficiency reduces capital and operating expenses while also providing a platform for user engagement.
LRTV Custom TV
Making Pay-TV User Experiences Millennial-Friendly

11|16|15   |   6:42   |   (0) comments

The unique challenge of reaching and engaging Millennials is driving pay-TV video experience transformation that can include higher quality UIs, viewing of multiple content streams at once and seamless transitions between handheld devices and the television.
Allot MobileTrends Report H2/2015 reveals how daily online behavior can be used to discover smarter ways to profile customers and propose valuable, real-time offers to them.
Hot Topics
Samsung to Sell Wireless Networking Unit?
Dan Jones, Mobile Editor, 11/23/2015
Samsung: No Sale of Wireless Unit
Dan Jones, Mobile Editor, 11/25/2015
How Might Open Source Fail?
Mitch Wagner, West Coast Bureau Chief, Light Reading, 11/24/2015
Sprint to Get $1.2B From New Leasing Venture
Dan Jones, Mobile Editor, 11/23/2015
Networking Shines in HP's Gloomy Final Earnings
Mitch Wagner, West Coast Bureau Chief, Light Reading, 11/25/2015
Like Us on Facebook
Twitter Feed
December 15, 2015
Virtualizing Cable Services
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
Centec CEO James Sun talks to Steve Saunders about Ethernet switching and the white box revolution.
Light Reading founder and CEO Steve Saunders talks with Zayan Sadek, Regional Manager at Cisco Systems, about the competitive communications services market and advance of virtualization in Saudi Arabia.
Cats with Phones
Can't Find the Phone on Thanksgiving? Click Here
Check under the cat! (hint: bottom right)
Live Digital Audio

Broadband speeds are ramping up across Europe as the continent, at its own pace, follows North America towards a gigabit society. But there are many steps to take on the road to gigabit broadband availability and a number of technology options that can meet the various requirements of Europe’s high-speed fixed broadband network operators. During this radio show we will look at some of the catalysts for broadband network investments and examine the menu of technology options on offer, including vectoring and for copper plant evolution and the various deployment possibilities for FTTH/B.