Verizon Tackles Growing Issue of Stolen Credentials
Sydney, Australia - 18 July 2011 – Unauthorised access to corporate networks through stolen user names and passwords topped 45 percent in 2010, according to the “Verizon 2011 Data Breach Investigations Report,” making credentials the second most compromised data type.
To help address this growing security threat, Verizon is enhancing its cloud-based Enterprise Identity Services to give businesses more ways to authenticate users to corporate networks while offering strong security protection.
Verizon’s next generation of Enterprise Identity Services will now support popular devices such as smartphones and tablets -- including those running on the iOS operating system as well as Android and BlackBerry devices. This process will enable users to more easily gain access to corporate networks using a two-factor authentication – a process where a dynamic code is issued to the end user that is used along with a personal identification number (PIN). In addition, Verizon’s identity services will now enable digital signing capabilities for contracts, wills and other legally binding documents.
Two-Factor Authentication Offers a High Level of Protection for Users
Using readily available mobile devices for two-factor authentication significantly strengthens the security behind each user by incorporating additional intelligence such as phone number and location to validate a user’s identity. It also eases the implementation burden for consumers and enterprises, while offering multiple ways for users to authenticate to a network in the event their “token” is lost or stolen.
Traditionally, enterprises have used a specially issued single token or key fob to gain network access, a process that requires extensive behind-the-scenes management and deployment of tokens for sometimes tens of thousands of workers, leading to a time-consuming and resource-intensive process. It also generally does not include a built-in backup plan for lost or stolen tokens.
“With the release of our newest version of Enterprise Identity Services, we are changing the game for two-factor authentication,” said Peter Tippett, Verizon vice president of industry solutions and security practices. “Our expectation is that by strengthening authentication methods, we can significantly reduce enterprise security risk and improve the security of sensitive information while easing the burden on corporate IT departments.”
Digital Signing Capabilities Enable Better Business Outcomes
The new version of Enterprise Identity Services also brings digital signing capabilities to its users. Digital signatures are used in numerous industries, most commonly in the medical and legal fields. For instance, with this service, physicians can electronically prescribe controlled substances in accordance with Drug Enforcement Administration requirements. Other enterprise uses of digital signing include signing essential corporate documents, such as W-9 forms.
In conjunction with the new digital signing capabilities, Verizon Enterprise Identity Services also offers enterprise customers a mobile application known as ID Message Center, which allows users to monitor and track their digital signature activity.
Enhanced Identity Services Platform Based on Open Standards
Verizon’s enhanced identity platform adheres to the OATH (Initiative for Open Authentication) standards, which calls for an open standards-based system that, like existing proprietary systems, requires users to provide two proofs of identity. By using an open standards-based system, enterprises can use a range of ID token devices without changing existing back-end security systems.
Delivered via the cloud, Verizon Enterprise Identity Services are aimed at helping reduce the costs and complexity traditionally associated with identity rollouts. With this solution, users do not need to purchase additional hardware or software, and if users lose a device, they can easily add a secondary device to retrieve their dynamic code for authentication.
Verizon through its Terremark subsidiary offers managed security services; governance, risk and compliance management solutions; data loss and prevention solutions; and identity management solutions, all delivered by the company’s more than 1,200 security professionals around the globe. More information is available by visiting Verizon Security Solutions. The company also provides ongoing security insight and analysis via the Verizon Security Blog.
Verizon Communications Inc. (NYSE, NASDAQ:VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to mass market, business, government and wholesale customers. Verizon Wireless operates America's most reliable wireless network, with more than 104 million total connections nationwide. Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers seamless business solutions to customers around the world. A Dow 30 company, Verizon employs a diverse workforce of more than 196,000 and last year generated consolidated revenues of $106.6 billion. For more information, visit www.verizon.com.
VERIZON’S ONLINE NEWS CENTER: Verizon news releases, executive speeches and biographies, media contacts, high-quality video and images, and other information are available at Verizon’s News Center on the World Wide Web at www.verizon.com/news. To receive news releases by e-mail, visit the News Center and register for customized automatic delivery of Verizon news releases.
For further information, please contact:Media Contact: Almira Anthony
+61 2 9954 3492