Video Screencast Help
Authentication (User) Blog
Showing posts tagged with Identity and Authentication Services
Showing posts in English
Mona Salvi | 26 Jun 2012 | 2 comments

Purpose

Since our last communication announcing the availability of Symantec Managed PKI 8.4, Symantec has been adding new features to its Managed PKI platform. With version 8.5, the product now offers a rich collection of features that truly enhance the PKI experience for administrators and end users.
 

Feature Highlight Summary

This release focuses on improving the PKI experience for our enterprise lifecycle solutions by providing a smooth and holistic experience to the customers, thereby reducing the level of support burden for the enterprise administrators. Below are the highlights of the release:

  • LDAP Support for Enterprise Gateway
  • CSR Enrollment method for Domain Controller Certificates
  • Enhanced Support for iOS certificates
  • Enrollment code delivery through email
  • Custom post processing scripts upload and distribution (**Requires PKI Client...
Marty Jost | 05 Apr 2012 | 1 comment

A recent BBC article has shed further light on the fact that not all online security companies or products are created equal. According to the article, hackers have found a way around some banks’ two-factor authentication security devices and have gained access to customer accounts.

The article describes these attacks as “Man-in-the-Browser” attacks, where malware resides in the web browser on a person’s device and gets between the user and the website, changing what is seen by the user and altering their account information and finances without their knowledge.

The types of malware that are used in these attacks are specifically designed to avoid signature-based detection mechanisms so that some virus protection software will find it. This situation is terrifying to both users and banks, especially considering their multi-factor authentication becomes basically null and void when this malware attacks. Suddenly the thick iron wall of protection...

Marty Jost | 24 Feb 2012 | 2 comments

According to a recent iPass Mobile Enterprise Report, iPhones are now more popular in enterprises than Blackberry and Android phones. With the growing popularity of iPhones and iPads in the workplace, it’s important that these tools have high quality security and certificate management.

Enter Symantec Managed Public Key Infrastructure (PKI) Service v8.3. As part of a larger mobile strategy, Symantec’s new Managed PKI v8.3 provides certificate management enhancements for Apple iOS devices. These enhancements significantly simplify certificate lifecycle management for enterprises when securing user and device authentication, email, data encryption, and applications that digitally sign data for business transactions.

We prepared these service enhancements to leverage the built-in Simple Certificate Enrollment Protocol...

Marty Jost | 09 Feb 2012 | 3 comments

This past year provided many important lessons in online security and protection. Based on these lessons and because of the numerous cyberattacks and threats in 2011, many organizations and businesses are currently revamping their online security guidelines and systems in an effort to improve authentication compliance and abide by authentication best practices.

In January, the Federal Financial Institutions Examination Council (FFIEC) recent updates to its Authentication Guidelines went into effect, requiring up-to-date and strong authentication compliance for financial institutions. The purpose of the guidelines is to “provide a risk management framework for financial institutions offering Internet-based products and services to their customers. Institutions should use effective methods to authenticate the identity of customers and that the techniques employed should be commensurate with the risks associated with the products and services offered and the...

nicolas_popp | 05 Feb 2012 | 0 comments

 

 

In the same way, the cloud emerged from software virtualization, cloud security can only emerge from the process of virtualizing security itself. As virtualization separated software from hardware, allowing enterprise software to freely move first across servers and eventually to external cloud infrastructures, security must now be separated from enterprise applications so themselves can be replaced with new cloud applications and eventually move to specialized clouds. Enterprises worldwide are already embracing the cloud for email, CRM, file sharing, collaboration, HR and other functional business applications. To properly manage cloud risk and compliance, IT needs a consistent way to inject its own security policy across cloud applications. Since these applications are operated by different cloud providers with different security capabilities, distinct security frameworks and diverse APIs, the security needs to be implemented outside...

Brendon Wilson | 04 Feb 2012 | 0 comments

The News

On January 31st, Symantec released a new version of Symantec™ Validation and ID Protection Service (VIP) (formerly VeriSign® Identity Protection Authentication Service) into production. As Symantec VIP is a cloud-based service, this new release is available to customers everywhere, effective immediately.

The Primary Themes of the Release

Symantec™ VIP Intelligent Authentication and Registered Computer

  • Simplified generation of VIP integration code for VPN. The VIP Manager policies for IA and RC now provide the option to easily generate the VIP integration code to include in your application's sign-in page.

VIP Manager Policy Configuration

  • Redesigned VIP Policy Configuration page. VIP policies have been reorganized for improved usability.
  • VIP Intelligent Authentication. VIP Manager now provides the following additional options for the...