Verizon addresses stolen credentials issues


Unauthorized access to corporate networks through stolen
user names and passwords topped 45 percent in 2010, according to the Verizon
2011 Data Breach Investigations Report.  


To help address this growing security threat, Verizon is
enhancing its cloud-based Enterprise Identity
Services to give businesses more ways to authenticate users to corporate
networks while offering strong security protection.


Verizon’s next generation of Enterprise Identity Services
will now support popular devices such as smartphones and tablets – including
those running on the iOS operating system as well as Android and BlackBerry


This process will enable users to more easily gain access
to corporate networks using a two-factor authentication a process where a
dynamic code is issued to the end user that is used along with a personal
identification number (PIN). In addition, Verizon’s identity services will
now enable digital signing capabilities for contracts, wills and other legally
binding documents.


Using readily available mobile devices for two-factor
authentication significantly strengthens the security behind each user
by incorporating additional intelligence such as phone number and location to
validate a user’s identity. It also eases the
implementation burden for consumers and enterprises, while offering multiple
ways for users to authenticate to a network in the event their
“token” is lost or stolen.


“With the release of our newest version of
Enterprise Identity Services, we are changing the game for two-factor
authentication,” said Peter Tippett, vice president of industry solutions
and security practices, Verizon.  


“Our expectation is that by strengthening
authentication methods, we can significantly reduce enterprise security risk
and improve the security of sensitive information while easing the burden on
corporate IT departments,” Peter added.


The new version of Enterprise Identity Services also
brings digital signing capabilities to its users. Digital signatures are
used in numerous industries, most commonly in the medical and legal fields.


For instance, with this service, physicians can
electronically prescribe controlled substances in accordance with Drug
Enforcement Administration requirements. Other enterprise uses of digital
signing include signing essential corporate documents, such as W-9 forms.


In conjunction with the new digital signing capabilities,
Verizon Enterprise Identity Services also offers enterprise customers a mobile
application known as ID Message Center, which allows users to monitor and track
their digital signature activity.


Verizon’s enhanced identity platform adheres to the OATH
(Initiative for Open Authentication) standards, which calls for an open
standards-based system that, like existing proprietary systems, requires users
to provide two proofs of identity. By using an open standards-based
system, enterprises can use a range of ID token devices without changing
existing back-end security systems.


Delivered via the cloud, Verizon Enterprise Identity
Services are aimed at helping reduce the costs and complexity traditionally
associated with identity rollouts. With this solution, users do not need to
purchase additional hardware or software, and if users lose a device, they can
easily add a secondary device to retrieve their dynamic code for


By Team
[email protected]