Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services
Showing posts in English
MelanieLopez | 27 Jun 2013 | 1 comment

You’ve probably heard about spear-phishing – a hacker finds some information about you, poses as a friend or trusted business to get personal information from you via an email, and uses the information to login to a desired account. This could potentially cause some major financial harm, either to you personally or to your business. In the 2013 Cost of a Data Breach study, U.S. businesses paid an average of $5.4 million per data breach last year. Malicious and criminal attacks accounted for 37% of those breaches, and were the most costly of all breaches in each of the nine countries surveyed. See the...

MelanieLopez | 25 Jun 2013 | 0 comments

“Counting factors is a poor way to estimate authentication strength,” says Gartner analyst Ant Allan in a recent article by NetworkWorld’s Bob Violino, which highlights many of the reasons more businesses are turning to stronger authentication, in a way that is more convenient for users and less costly than incumbent solutions. With the increased use of employees bringing their own devices and working remotely, mobile devices are playing a huge role in authentication methods and scenarios, and consequently, cloud-based authentication services are also on the rise.

Here are four of the key trends that are shaping the demand for stronger authentication, highlighted in “Why password-only authentication is passe” at

  1. Frequency of security breaches (i.e. Twitter, Evernote, LinkedIn) have IT...
sambit | 10 May 2013 | 0 comments

Symantec VIP added some new functionality in past few months.

VIP Third-Party Integrations

Symantec VIP provides almost 30 enterprise third party application plug-ins integrating seamlessly with industry standard VPNs, enterprise access manager and single sign on products, remote desktop access products, and end-point authentication modules over Windows, Linux and other UNIX platforms. In the past few months, we focused on enhancing console login experience with Windows Sever 2008 and Windows 7, enabled Microsoft NPS servers and Cisco ISE to authenticate with Symantec VIP, ensured Cisco Secure ACS 5.x compatibility with the VIP services.

  1. Microsoft Windows Server 2008 and Windows 7 – Microsoft Windows Console Login can be enhanced to integrate with custom security protocols like smart card, two factor authentication by developing credential provider modules. Symantec VIP Credential Provider for Windows has been providing strong...
Teresa Law | 26 Apr 2013 | 0 comments

Follow Managed PKI on Twitter @SymantecMPKI

Symantec would like to announce the release of Managed PKI Service v8.8, which includes support for the newest platforms and browsers, local key escrow and recovery service, and features to address evolving NIST guidelines.

Summary of New Features:

  • Support for heterogeneous environments
    • New platforms and browsers (IE 10 on Windows 8 platforms; PKI Client support for Windows Vista 64-bit)
    • Automate the enrollment process for MAC environments
  • Key Management Enhancements
    • Local key escrow and recovery service
    • Support for evolving NIST standards with ECC based keys
  • Support for WiMAX and DOCSIS certificates
  • General user interface enhancements improve Administrator experience

Support for heterogeneous environments...

Teresa Law | 01 Apr 2013 | 3 comments

Follow Symantec VIP on Twitter @SymantecVIP

The latest update to Symantec Validation and ID Protection Service is live.  Improved manageability and an even better administrator and user experience through numerous UI enhancements is again the theme of this release.  Much of the focus surrounds the user experience with Intelligent Authentication and Registered Computer; and the administration of Remembered Devices and out-of-band authentication.

Summary of New Features

  • VIP Manager redesign continues – updated user emails
  • Streamlined experience for users of VIP risk-based authentication (Intelligent Authentication) and Registered Computer
  • Enhanced Remembered Device Management
  • Enhanced account management for out-of-band authentication through user specified country codes
  • Symantec VIP platform and OS requirements can be found on the VIP website under...
Teresa Law | 24 Jan 2013 | 1 comment

Follow Managed PKI on Twitter @SymantecMPKI

Symantec Managed PKI (MPKI) 8.7 is now live - with improvements to ease of use and manageability, stronger integrations with Mobile Device Management (MDM) solutions such as Airwatch, Fiberlink, and Symantec SMM; and broader ecosystem support with certificate support for LTE Base Stations, Smart Meters, and Airline e-Enabling.

Summary of New Features:

  • Better integration with MDM solutions (Airwatch, Fiberlink, and Symantec SMM)
  • Support for new ecosystems:
    • Smart Meters – lightweight certificates to establish trust between devices
    • LTE Base Stations – delivering operator certificates to support 3GPP standards
    • Airline e-Enabling – operations security via authentication and digital signatures (wired and wireless)
  • Ability for device manufacturers  to order certificates asynchronously in a batch to...
Marty Jost | 10 Jan 2013 | 7 comments

Passwords must die.

At least, that was a theme of the Gartner Identity and Access Management Conference I recently attended. And you don’t have to be a security expert to see that our traditional system of “think of something you can easily remember” passwords is broken. Between guessing them, brute force attacks, keyloggers, socially engineered cons, and just breaking in and outright stealing them from a database as in a recent attack on Yahoo, users are in a difficult situation

For one thing, too many of us aren’t using strong passwords to begin with. This year’s breach of millions of Yahoo! Voice user passwords demonstrated our unwillingness to remember long, challenging combinations of numbers, letters and symbols –“password” was the most common password among those stolen. Another problem is that our passwords are only as effective as the security of the organization storing them. It does us no good to have the...

Marty Jost | 10 Dec 2012 | 0 comments

With mobility and the cloud dominating today's computing landscape, IT needs to examine new methods of ensuring trustworthy access, including risk-based authentication methods that strike a balance between robust security and accessibility.

There's a major paradigm shift underway, with mobility and cloud-based computing transforming the way IT delivers services to end users. More and more employees are coming to work armed with their own personal smart phones and tablets while online customer portals and Web-based supplier hubs are going live to bolster supply chain collaboration and deliver better customer service. Under constant pressure to lower costs, IT groups are furiously moving applications out of the data center and on to the cloud, typically as some sort of Software-as-a-Service.

This new world of IT is putting some serious pressure on traditional security models, elevating risk and calling for new ways of ensuring trustworthy access. Just reading...

Teresa Law | 06 Dec 2012 | 0 comments

Symantec would like to announce the new update of VIP, with a new look and feel to VIP Manager and new functionality for Enterprise Gateway v9.2. 

The current VIP Manager will continue to be available using the current URL for approximately six months to allow for a smooth transition to the new URL  Both VIP Manager interfaces will use the same database backend so you may use them interchangeably if desired.

Summary of New Features:

  • A brand new VIP Manager with Symantec branding, new navigation and dashboard, and redesigned user and credential management functions
  • Support for configurable VIP user IDs improve data privacy
  • Enhancements streamline process when migrating from legacy authentication solutions to VIP
  • Improved manageability in diverse and complex environments
    • Support for multiple user stores with a...
Marty Jost | 03 Nov 2012 | 0 comments

Enterprise Cloud adoption continues to accelerate. It’s no longer a question whether the Cloud will gain acceptance but how quickly and broadly it will spread. The cost advantages that Software as a Service (SaaS) delivers make it widely attractive as enterprises adopt cloud services to reduce their network and infrastructure costs.

However, with the advantages that cloud computing brings, come new challenges around authentication and access control. For example, many organizations are discovering a growing friction between authentication security and usability across their multiple cloud applications. The root cause of the problem is that for most organizations the vendor for each cloud application is often a different company. Perhaps it’s ADP for payroll, for CRM, Concur for Expense Management, and so on.

It’s all too common for each of these applications to have different security or log in policies, such as the required length of...