Light Reading
Cloud-based, single-card approach addresses chronic issue of lost passwords and security credentials, which cause two-thirds of data breaches.

Verizon Smart Credential Secures Physical, Virtual Assets

Carol Wilson
6/23/2014
50%
50%

Verizon today unveiled a new approach to stemming data breaches that combines protection of physical and virtual resources, and addresses issues posed by lost user passwords/credentials. The new Smart Credential offer combines a cloud-based service that has pay-as-you-go features with a physical security card that can be used for building access, or as part of a multi-factor security system. (See Verizon Offers New Data Breach Solution.)

Lost passwords and security credentials contribute to two-thirds of the data breaches reported in Verizon's 2014 Data Breach Investigations Report. The Smart Credential system was developed for enterprises looking to protect both physical and virtual assets, says Johan Sys, managing principal, Identity & Access Management, Verizon Enterprise Solutions .

"There is a lot of focus on protecting the virtual resources of a company but there has been a hole in the security coverage," Sys says. "Proximity cards -- those used to physically access an office building or parking garage -- are 30-year-old security systems and are actually very insecure."

The problem has been how to physically replace proximity cards for a business with multiple locations, some of which are leased, all at the same time. Verizon's approach lets companies move to a single security credential that incorporates the physical facility, and lets companies do it by paying per month, per card user.

By creating a single smart card that can be easily disabled if lost or stolen, Verizon is extending its managed security services to cover physical facilities and virtual assets and doing it in a way that lets businesses move to a more secure system without ripping out what they have today.

In addition to providing secure access to physical facilities, the cards offer logical access to workstations and networks, as well as authentication for online access to secure facilities, and digital signature and encryption that are typically part of a Public Key Infrastructure (PKI) system. The Smart Credential system doesn't require the new capex of a PKI approach to encrypting and authenticating data because the approach is cloud-based. The Smart Credential can be used as a basic authentication token, or as part of a multi-factor authentication system that also requires a user-provided password, or answer to a security question, or a biometric factor such as a fingerprint.

Changes are made via a web-based portal and cards that are lost or stolen can be instantly disabled. The Smart Credential system is set up to be interoperable with US government standards including the federal government's Personal Identity Verification Interoperability (PIV-I) standard.

The new Smart Credential is the latest in Verizon Enterprise Solutions' ongoing rollout of managed security options. You can find more information in the stories listed below:

— Carol Wilson, Editor-at-Large, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
brookseven
50%
50%
brookseven,
User Rank: Light Sabre
6/23/2014 | 7:00:01 PM
Re: Security cards
Carol, Cards like that can already be remotely deactivated. Most exit procedures should include that as well as collecting such cards. The fact that Dan has it and it works points to the process and people problems in security that no amount of technology can overcome. seven
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
6/23/2014 | 5:33:18 PM
Re: Security cards
In the Verizon example, that card Dan used to break into the [NAME REDACTED] building in Chicago would have been remotely disabled when he left the company. 

But that's a great example of why these "proximity" cards aren't very secure. One mistake - not following up to insist a departing employee turn in his ID card - and an entire building is vulnerable...and to a guy like O'Shea, no less. 

 
Ariella
50%
50%
Ariella,
User Rank: Light Sabre
6/23/2014 | 12:51:10 PM
Re: Security cards
@DoShea, it's just incredible that the card still works after all that time. Not exactly secure then, is it? 
DOShea
50%
50%
DOShea,
User Rank: Blogger
6/23/2014 | 12:08:31 PM
Security cards
I remember several years ago still having a security card for a former employer that still worked almost a year after I had left the company. I was going to have lunch with one of my ex-coworkers there, just decided to see if it would work, and it did. This was after the security team had already let me go to the elevator bank because I looked familiar to them, and nodded in a familiar way at them.

Interesting offering, and I see the need for it, and what the cloud brings to it, but why even have the physical card when other options exist?
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
6/23/2014 | 11:38:25 AM
Bioinformatics
I've been checking into 24 Hour Fitness for what seems like five years now using just my index finger thumbprint (plus entering a code number on a keypad).   Given, the security risks are somewhat low for a gym, but at what point can they roll something like this out for business access.

And residential access too.  As a single person, I dread the thought of losing my keys, wallet, smartphone, after hours.   What would I do if I were locked out of my apartment with no money at 2 am?   I would much prefer we started switching to facial or fingerprint recognition.

 
Flash Poll
LRTV Documentaries
Sprint's Network Evolution

7|24|14   |   14:59   |   (0) comments


Sprint's Jay Bluhm gives a keynote speech at the Big Telecom Event (BTE) about Sprint's network and services evolution strategy, including Spark.
LRTV Documentaries
BTE Keynote: The Software-Defined Operator

7|24|14   |   18:43   |   (1) comment


Deutsche Telekom's Axel Clauberg explains the concept of the software-defined operator to the Big Telecom Event (BTE) crowd.
Light Reedy
Numbers Are In: LR's 2014 Salary Survey

7|24|14   |   1:25   |   (5) comments


Our fourth annual Salary Survey paints a picture of who's hiring, firing, earning, and yearning for a change in the telecom industry.
LRTV Custom TV
Driving the Network Transformation

7|23|14   |   4:29   |   (0) comments


Intel's Sandra Rivera discusses network transformation and how Intel technologies, programs, and standards body efforts have helped the industry migration to SDN and NFV.
LRTV Custom TV
Distributed NFV-Based Business Services by RAD

7|18|14   |   5:38   |   (0) comments


With the ETSI-approved Distributed NFV PoC running in the background, RAD's CEO, Dror Bin, talks about why D-NFV makes compelling sense for service providers, and about the dollars and cents RAD is putting behind D-NFV.
LRTV Custom TV
MRV Accelerating Packet Optical Convergence

7|15|14   |   6:06   |   (0) comments


Giving you network insight to make your network smarter.
LRTV Custom TV
NFV-Enabled Ethernet for Generating New Revenues

7|15|14   |   5:49   |   (0) comments


Cyan's Planet Orchestrate allows service providers and their end-customers to activate software-based capabilities such as firewalls and encryption on top of existing Ethernet services in just minutes.
LRTV Custom TV
Symkloud NVF-Ready Video Transcoding, Big Data

7|9|14   |   3:41   |   (0) comments


Kontron and ISV partner Vantrix demonstrate high-performance video transcoding and data analytic solutions on same 2U standard platform that is ready for SDN and NFV deployments made by mobile, cable and cloud operators.
LRTV Huawei Video Resource Center
The Evolving Role of Hybrid Video for Competitive Success

7|4|14   |   4:09   |   (0) comments


At Huawei's Global Analysts Summit in Shenzhen, China, Steven C. Hawley from TV Strategies speaks to us about the evolving role of hybrid video for competitive success.
LRTV Huawei Video Resource Center
How CSPs Leverage Big Data in the Digital Economy

7|4|14   |   4:48   |   (2) comments


Justin van der Lande from Analysys Mason shares with us his views on how telecom operators can leverage customer asset monetization with big data. His discusses the current status of big data applications and the challenges and opportunities for telecom operators in the digital economy era.
LRTV Huawei Video Resource Center
Accelerator for Digital Business Future Oriented BSS

7|4|14   |   3:08   |   (0) comments


Mobile and internet are becoming intertwined; IT and CT are integrating; and leading CSPs have begun to transform to information service and entertainment providers. How should the BSS system evolve to enable this transformation? Karl Whitelock, an analyst at Frost & Sullivan, shares his views.
LRTV Huawei Video Resource Center
Orange Tunisia Discusses Multi-Band Antenna With EasyRET Solution

7|4|14   |   2:45   |   (0) comments


As new site acquisition becomes more difficult, Orange Tunisia has requested multi-band antenna to support UMTS and LTE innovation. Some things considered include reducing the cost of antenna maintenance and having high reliability antenna and EasyRET solution.
Upcoming Live Events!!
September 16, 2014, Santa Clara, CA
September 16, 2014, Santa Clara, CA
October 29, 2014, New York City
November 11, 2014, Atlanta, GA
December 9-10, 2014, Reykjavik, Iceland
June 9-10, 2015, Chicago, IL
Infographics
Packet Design asks network professionals how they handle the cloud, SDN, and network management.
Today's Cartoon
Hot Topics
The Municipal Menace?
Jason Meyers, Senior Editor, Utility Communications/IoT, 7/22/2014
Cisco Puts a Fog Over IoT
Sarah Reedy, Senior Editor, 7/23/2014
GM: 10 Car Models on Road With AT&T's LTE
Dan Jones, Mobile Editor, 7/18/2014
Apple Earnings: Strong iPhone Sales, iPad Sales Slump, $7.8B Profit
Mitch Wagner, West Coast Bureau Chief, Light Reading, 7/22/2014
Like Us on Facebook
Twitter Feed