& cplSiteName &

Verizon Smart Credential Secures Physical, Virtual Assets

Carol Wilson
6/23/2014
50%
50%

Verizon today unveiled a new approach to stemming data breaches that combines protection of physical and virtual resources, and addresses issues posed by lost user passwords/credentials. The new Smart Credential offer combines a cloud-based service that has pay-as-you-go features with a physical security card that can be used for building access, or as part of a multi-factor security system. (See Verizon Offers New Data Breach Solution.)

Lost passwords and security credentials contribute to two-thirds of the data breaches reported in Verizon's 2014 Data Breach Investigations Report. The Smart Credential system was developed for enterprises looking to protect both physical and virtual assets, says Johan Sys, managing principal, Identity & Access Management, Verizon Enterprise Solutions .

"There is a lot of focus on protecting the virtual resources of a company but there has been a hole in the security coverage," Sys says. "Proximity cards -- those used to physically access an office building or parking garage -- are 30-year-old security systems and are actually very insecure."

The problem has been how to physically replace proximity cards for a business with multiple locations, some of which are leased, all at the same time. Verizon's approach lets companies move to a single security credential that incorporates the physical facility, and lets companies do it by paying per month, per card user.

By creating a single smart card that can be easily disabled if lost or stolen, Verizon is extending its managed security services to cover physical facilities and virtual assets and doing it in a way that lets businesses move to a more secure system without ripping out what they have today.

In addition to providing secure access to physical facilities, the cards offer logical access to workstations and networks, as well as authentication for online access to secure facilities, and digital signature and encryption that are typically part of a Public Key Infrastructure (PKI) system. The Smart Credential system doesn't require the new capex of a PKI approach to encrypting and authenticating data because the approach is cloud-based. The Smart Credential can be used as a basic authentication token, or as part of a multi-factor authentication system that also requires a user-provided password, or answer to a security question, or a biometric factor such as a fingerprint.

Changes are made via a web-based portal and cards that are lost or stolen can be instantly disabled. The Smart Credential system is set up to be interoperable with US government standards including the federal government's Personal Identity Verification Interoperability (PIV-I) standard.

The new Smart Credential is the latest in Verizon Enterprise Solutions' ongoing rollout of managed security options. You can find more information in the stories listed below:

— Carol Wilson, Editor-at-Large, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
brookseven
50%
50%
brookseven,
User Rank: Light Sabre
6/23/2014 | 7:00:01 PM
Re: Security cards
Carol, Cards like that can already be remotely deactivated. Most exit procedures should include that as well as collecting such cards. The fact that Dan has it and it works points to the process and people problems in security that no amount of technology can overcome. seven
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
6/23/2014 | 5:33:18 PM
Re: Security cards
In the Verizon example, that card Dan used to break into the [NAME REDACTED] building in Chicago would have been remotely disabled when he left the company. 

But that's a great example of why these "proximity" cards aren't very secure. One mistake - not following up to insist a departing employee turn in his ID card - and an entire building is vulnerable...and to a guy like O'Shea, no less. 

 
Ariella
50%
50%
Ariella,
User Rank: Light Sabre
6/23/2014 | 12:51:10 PM
Re: Security cards
@DoShea, it's just incredible that the card still works after all that time. Not exactly secure then, is it? 
DOShea
50%
50%
DOShea,
User Rank: Blogger
6/23/2014 | 12:08:31 PM
Security cards
I remember several years ago still having a security card for a former employer that still worked almost a year after I had left the company. I was going to have lunch with one of my ex-coworkers there, just decided to see if it would work, and it did. This was after the security team had already let me go to the elevator bank because I looked familiar to them, and nodded in a familiar way at them.

Interesting offering, and I see the need for it, and what the cloud brings to it, but why even have the physical card when other options exist?
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
6/23/2014 | 11:38:25 AM
Bioinformatics
I've been checking into 24 Hour Fitness for what seems like five years now using just my index finger thumbprint (plus entering a code number on a keypad).   Given, the security risks are somewhat low for a gym, but at what point can they roll something like this out for business access.

And residential access too.  As a single person, I dread the thought of losing my keys, wallet, smartphone, after hours.   What would I do if I were locked out of my apartment with no money at 2 am?   I would much prefer we started switching to facial or fingerprint recognition.

 
From The Founder
Following a recent board meeting, the New IP Agency (NIA) has a new strategy to help accelerate the adoption of NFV capabilities, explains the Agency's Founder and Secretary, Steve Saunders.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Interviews
BT's McRae Sheds Light on 4K Strategy

5|25|17   |   4:45   |   (0) comments


At Light Reading's Big Communications Event 2017 in Austin, Texas, BT Group's Chief Network Architect Neil McRae talks about what it took for BT to broadcast live sports in 4K. Catch up with all our BCE coverage at http://www.lightreading.com/bce.asp.
From the Founder
How the NIA Aims to Advance NFV

5|25|17   |   08:07   |   (0) comments


Following a recent board meeting, the New IP Agency (NIA) has a new strategy to help accelerate the adoption of NFV capabilities, explains the Agency's Founder and Secretary, Steve Saunders.
LRTV Custom TV
Better Solutions That Address Growing Scale

5|25|17   |     |   (0) comments


For Comcast, the X1 rollout and 17-fold increases in broadband speeds in the past 16 years are among factors driving the need for Energy 2020 solutions that reduce cost and consumption, says Mark Hess.
LRTV Custom TV
Ethernity Network Delivers Instant Offloading of Network Functions With All-Programmable Intelligent NIC

5|25|17   |     |   (0) comments


David Levi, CEO of Ethernity Networks, explains that programmability of the hardware makes the company's All-Programmable Intelligent NIC uniquely beneficial for communications service providers that need advanced data appliances with agile support of virtualization. Utilizing the company's patented network processing technology, Ethernity offers data path ...
LRTV Documentaries
BCE 2017: Vodafone Gets Obsessed With Cloud-Native

5|25|17   |     |   (0) comments


Vodafone's Matt Beal updates us on Project Ocean and explains why simple virtualization isn't enough of a goal for network transformation. Catch up with other BCE 2017 keynotes and news at http://www.lightreading.com/bce.asp.
LRTV Documentaries
BCE 2017: Intel's Take on Network Transformation

5|24|17   |     |   (0) comments


In this BCE 2017 keynote, Lynn Comp discusses Intel's vision for areas such as analytics, automation and service assurance. For more videos and BCE coverage, see http://www.lightreading.com/bce.asp.
LRTV Documentaries
Order From Chaos: The Steve Saunders BCE Keynote

5|24|17   |   17:27   |   (0) comments


Kicking off BCE 2017, Light Reading founder Steve Saunders lays blame for NFV's slow ramp-up and urges telecom to return to old-fashioned standards building and interoperability testing.
Think of this as the video sequel to the recent columns he's written about NFV and the prospect of a telecom app store. (See

LRTV Documentaries
Service Provider Panel: Partnering in the Digital Era

5|22|17   |     |   (0) comments


Coopetition has always been part of telecom, but the ecosphere now includes data centers, vendors, apps developers, cloud service providers and Internet content providers. This BCE 2017 panel explores the new attitudes among network operators as to the value and variety of ...
LRTV Interviews
Site Demo: AT&T's IoT Flow Platform

5|19|17   |   04:25   |   (0) comments


At AT&T's R&D center in Tel Aviv, Israel, project leader Eyal Segev talks about the operator's Flow platform and how it helps to prototype IoT applications.
LRTV Documentaries
Agent of Change: A Q&A With AT&T's John Donovan

5|18|17   |     |   (0) comments


Carol Wilson talks with the man leading AT&T's transformation efforts about the challenge of change.
LRTV Documentaries
BCE Service Provider Panel: The New Business Realities

5|18|17   |     |   (0) comments


For virtualization to happen, the telecom industry first has to grapple with key functional aspects of SDN and NFV that need to be universal, such as onboarding of virtualized network functions and federation of software-defined networks.
LRTV Interviews
BCE Service Provider Keynote: CenturyLink

5|16|17   |   22:32   |   (0) comments


Aamir Hussain leads the Product Development and Technology organization at CenturyLink, which includes the company's information technology function. He is an experienced senior technology executive with more than 25 years of proven success in the implementation of global technology operations, operationalization of complex technology, infrastructures and business ...
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Cities Clamor for More Clout at FCC
Mari Silbey, Senior Editor, Cable/Video, 5/23/2017
What's Blocking 4K TV Today
Alan Breznick, Cable/Video Practice Leader, Light Reading, 5/22/2017
Sonus & Genband Finally Combine to Form $745M Company
Dan Jones, Mobile Editor, 5/23/2017
Fright Wigs & Cocktails: BCE 2017 in Pics
Mitch Wagner, Editor, Enterprise Cloud, 5/19/2017
Apple Looking to Cook 5G Test Devices
Dan Jones, Mobile Editor, 5/24/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
One of the nice bits of my job (other than the teeny tiny salary, obviously) is that I get to pick and choose who I interview for this slot on the Light Reading home ...
TEOCO Founder and CEO Atul Jain talks to Light Reading Founder and CEO Steve Saunders about the challenges around cost control and service monetization in the mobile and IoT sectors.
Animals with Phones
What Brogrammers Look Like to the Rest of Us Click Here
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.