Light Reading
Cloud-based, single-card approach addresses chronic issue of lost passwords and security credentials, which cause two-thirds of data breaches.

Verizon Smart Credential Secures Physical, Virtual Assets

Carol Wilson
6/23/2014
50%
50%

Verizon today unveiled a new approach to stemming data breaches that combines protection of physical and virtual resources, and addresses issues posed by lost user passwords/credentials. The new Smart Credential offer combines a cloud-based service that has pay-as-you-go features with a physical security card that can be used for building access, or as part of a multi-factor security system. (See Verizon Offers New Data Breach Solution.)

Lost passwords and security credentials contribute to two-thirds of the data breaches reported in Verizon's 2014 Data Breach Investigations Report. The Smart Credential system was developed for enterprises looking to protect both physical and virtual assets, says Johan Sys, managing principal, Identity & Access Management, Verizon Enterprise Solutions .

"There is a lot of focus on protecting the virtual resources of a company but there has been a hole in the security coverage," Sys says. "Proximity cards -- those used to physically access an office building or parking garage -- are 30-year-old security systems and are actually very insecure."

The problem has been how to physically replace proximity cards for a business with multiple locations, some of which are leased, all at the same time. Verizon's approach lets companies move to a single security credential that incorporates the physical facility, and lets companies do it by paying per month, per card user.

By creating a single smart card that can be easily disabled if lost or stolen, Verizon is extending its managed security services to cover physical facilities and virtual assets and doing it in a way that lets businesses move to a more secure system without ripping out what they have today.

In addition to providing secure access to physical facilities, the cards offer logical access to workstations and networks, as well as authentication for online access to secure facilities, and digital signature and encryption that are typically part of a Public Key Infrastructure (PKI) system. The Smart Credential system doesn't require the new capex of a PKI approach to encrypting and authenticating data because the approach is cloud-based. The Smart Credential can be used as a basic authentication token, or as part of a multi-factor authentication system that also requires a user-provided password, or answer to a security question, or a biometric factor such as a fingerprint.

Changes are made via a web-based portal and cards that are lost or stolen can be instantly disabled. The Smart Credential system is set up to be interoperable with US government standards including the federal government's Personal Identity Verification Interoperability (PIV-I) standard.

The new Smart Credential is the latest in Verizon Enterprise Solutions' ongoing rollout of managed security options. You can find more information in the stories listed below:

— Carol Wilson, Editor-at-Large, Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
brookseven
50%
50%
brookseven,
User Rank: Light Sabre
6/23/2014 | 7:00:01 PM
Re: Security cards
Carol, Cards like that can already be remotely deactivated. Most exit procedures should include that as well as collecting such cards. The fact that Dan has it and it works points to the process and people problems in security that no amount of technology can overcome. seven
Carol Wilson
50%
50%
Carol Wilson,
User Rank: Blogger
6/23/2014 | 5:33:18 PM
Re: Security cards
In the Verizon example, that card Dan used to break into the [NAME REDACTED] building in Chicago would have been remotely disabled when he left the company. 

But that's a great example of why these "proximity" cards aren't very secure. One mistake - not following up to insist a departing employee turn in his ID card - and an entire building is vulnerable...and to a guy like O'Shea, no less. 

 
Ariella
50%
50%
Ariella,
User Rank: Light Sabre
6/23/2014 | 12:51:10 PM
Re: Security cards
@DoShea, it's just incredible that the card still works after all that time. Not exactly secure then, is it? 
DOShea
50%
50%
DOShea,
User Rank: Blogger
6/23/2014 | 12:08:31 PM
Security cards
I remember several years ago still having a security card for a former employer that still worked almost a year after I had left the company. I was going to have lunch with one of my ex-coworkers there, just decided to see if it would work, and it did. This was after the security team had already let me go to the elevator bank because I looked familiar to them, and nodded in a familiar way at them.

Interesting offering, and I see the need for it, and what the cloud brings to it, but why even have the physical card when other options exist?
jabailo
50%
50%
jabailo,
User Rank: Light Sabre
6/23/2014 | 11:38:25 AM
Bioinformatics
I've been checking into 24 Hour Fitness for what seems like five years now using just my index finger thumbprint (plus entering a code number on a keypad).   Given, the security risks are somewhat low for a gym, but at what point can they roll something like this out for business access.

And residential access too.  As a single person, I dread the thought of losing my keys, wallet, smartphone, after hours.   What would I do if I were locked out of my apartment with no money at 2 am?   I would much prefer we started switching to facial or fingerprint recognition.

 
Educational Resources
sponsor supplied content
Educational Resources Archive
Flash Poll
From The Founder
It's clear to me that the communications industry is divided into two types of people, and only one is living in the real world.
Jonestown
Mobile Backhaul: Going to the Dark Side?

10|30|14   |   2:26   |   (0) comments


Heavy Reading's Patrick Donegan shares his view on a dark trend that bubbled up at Light Reading's annual backhaul conference in NYC.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview With CEO of SwitchCom

10|30|14   |   4:13   |   (0) comments


SwitchCom, an IT company based in Angola, recommends a variety of Huawei solutions and hardware to their customers in the energy industry.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview With Ethiopia's Ministry of Water Irrigation & Energy

10|30|14   |   4:08   |   (0) comments


Gosaye Mengistie of Ethiopia's Ministry of Water Irrigation & Energy discusses the collaboration with Huawei in that country.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview with Dongfang Electronics Corporation

10|30|14   |   5:46   |   (0) comments


Dongfang Electronics Corporation, headquartered in Chengdu, China, is one of China's largest manufacturers of power generators and contractors of power station projects.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview with Zimbabwe's Customers

10|30|14   |   3:31   |   (0) comments


Representatives of Zimbabwe's Ministry of Power and Development discuss the energy needs of their country as well as new areas of improvement due to enhanced ICT capabilities.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview With Colbún Chile

10|30|14   |   4:29   |   (0) comments


In Chile, an aging energy infrastructure was in dire need of a modern update. Claudio Valenzuela of Colbún discusses how Huawei's ICT solutions continue to provide crucial information to improve the grid and how an in-country engineer is a cricial asset.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview With YuLiao

10|30|14   |   6:27   |   (0) comments


Yu Liao, chairman of the Chinese Association for Renewable Energy in Germany, discusses the role that ICT solutions play in helping to grow renewable energy resources in Germany.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview

10|30|14   |   2:54   |   (0) comments


Sifang has been working with Huawei on several projects. JingTao Wu, Assistant President of Beijing Sifang Automation Co. Ltd., believes that the cooperation with Huawei can facilitate Sifang's process of internationalization.
LRTV Huawei Video Resource Center
A Better Connected Smart Grid: Powering Laos

10|30|14   |   5:38   |   (0) comments


Representatives of Electricite Du Laos (EDL), a state-owned corporation, discuss the importance of ICT solutions in serving their country's energy needs.
LRTV Huawei Video Resource Center
2014 Huawei Electric Power Industry Summit: Interview With Junwei Lu

10|30|14   |   4:50   |   (0) comments


Professor Junwei Lu of Griffith University Australia describes his work with micro grid technology and the future of the power industry.
LRTV Documentaries
The Next-Gen Network Disconnect

10|29|14   |   01:23   |   (0) comments


There's a lot of talk about making networks more simple with SDN, NFV and next-gen broadband technology – but what about the complexity of introducing such capabilities?
LRTV Custom TV
Grow Your VPN Service Revenue

10|27|14   |   4:00   |   (0) comments


Watch how CSP product managers can better differentiate and maximize the value of their Internet, VPN and cloud services for business services customers, by adding premium application performance visibility to their data services.
Upcoming Live Events
November 6, 2014, Santa Clara
November 11, 2014, Atlanta, GA
December 2, 2014, New York City
December 3, 2014, New York City
December 9-10, 2014, Reykjavik, Iceland
February 10, 2015, Atlanta, GA
May 6, 2015, McCormick Convention Center, Chicago, IL
May 30, 2015, The Westin Peachtree, Atlanta, GA
June 9-10, 2015, Chicago, IL
Infographics
WhoIsHostingThis.com presents six of the world's most extreme WiFi hotspots, enabling the most epic selfies you can imagine.
Hot Topics
Microsoft's Skype Embraces WebRTC on IE
Sarah Reedy, Senior Editor, 10/27/2014
FTC Slaps AT&T With Throttling Lawsuit
Sarah Reedy, Senior Editor, 10/28/2014
Wheeler Gets Down With OTT
Mari Silbey, Independent Technology Editor, 10/29/2014
China's MVNOs Hit the Wall
Robert Clark, 10/27/2014
Let's Not Kill SDN & NFV With Silos
Francois Locoh-Donou, Senior VP, Global Products Group, Ciena, 10/28/2014
Like Us on Facebook
Twitter Feed