Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Authentication (User) Blog
Showing posts in English
Teresa Law | 23 Oct 2012 | 0 comments

Announcing Managed PKI Service v8.6

Symantec would like to announce the release of Managed PKI Service v8.6, which includes new Managed PKI clients for the Android and the Apple Mac. 

Summary of New Features:

  • Transparent certificate enrollment and automation features across all platforms
  • PKI Client for MAC
  • PKI Client for Android (can be downloaded from Google Play)
  • Microsoft’s Auto Enrollment enhancements that provide post processing functionality with fully transparent auto enrollment through PKI Client (not available with Microsoft Auto Enrollment alone).
  • Certificate Management
  • Enterprise Gateway GUI Based installer
  • Allow configuration of KU and EKU extensions

Enhancements such as an Android client are one of the Symantec tools that can help organizations more safely and economically adopt Bring Your Own Device (BYOD) initiatives....

sambit | 20 Sep 2012 | 0 comments

The month of September has seen some of the significant product updates to Symantec VIP. Here is a summary of what’s new.

VIP Access Desktop 2.1 for Windows

Earlier this month we released VIP Access Desktop v2.1 for Windows with specific focus on our enterprise customers. Here are the salient features for the release:

  • Enterprise-friendly installation with MSI push
  • Accessibility support compliant with US Section 508
  • Credential “reset” with the VIP Service to resolve time synchronization issues
  • Optional credential deletion during uninstallation
  • All new Symantec look and feel

You can upgrade your existing installation of VIP Access Desktop 2.0.x to 2.1 through LiveUpdate, or download from http://idprotect.verisign.com or VIP Manager.

VIP Third-Party Integrations

Symantec VIP provides almost 25 enterprise third...

Mona Salvi | 26 Jun 2012 | 2 comments

Purpose

Since our last communication announcing the availability of Symantec Managed PKI 8.4, Symantec has been adding new features to its Managed PKI platform. With version 8.5, the product now offers a rich collection of features that truly enhance the PKI experience for administrators and end users.
 

Feature Highlight Summary

This release focuses on improving the PKI experience for our enterprise lifecycle solutions by providing a smooth and holistic experience to the customers, thereby reducing the level of support burden for the enterprise administrators. Below are the highlights of the release:

  • LDAP Support for Enterprise Gateway
  • CSR Enrollment method for Domain Controller Certificates
  • Enhanced Support for iOS certificates
  • Enrollment code delivery through email
  • Custom post processing scripts upload and distribution (**Requires PKI Client...
Marty Jost | 05 Apr 2012 | 1 comment

A recent BBC article has shed further light on the fact that not all online security companies or products are created equal. According to the article, hackers have found a way around some banks’ two-factor authentication security devices and have gained access to customer accounts.

The article describes these attacks as “Man-in-the-Browser” attacks, where malware resides in the web browser on a person’s device and gets between the user and the website, changing what is seen by the user and altering their account information and finances without their knowledge.

The types of malware that are used in these attacks are specifically designed to avoid signature-based detection mechanisms so that some virus protection software will find it. This situation is terrifying to both users and banks, especially considering their multi-factor authentication becomes basically null and void when this malware attacks. Suddenly the thick iron wall of protection...

Marty Jost | 24 Feb 2012 | 2 comments

According to a recent iPass Mobile Enterprise Report, iPhones are now more popular in enterprises than Blackberry and Android phones. With the growing popularity of iPhones and iPads in the workplace, it’s important that these tools have high quality security and certificate management.

Enter Symantec Managed Public Key Infrastructure (PKI) Service v8.3. As part of a larger mobile strategy, Symantec’s new Managed PKI v8.3 provides certificate management enhancements for Apple iOS devices. These enhancements significantly simplify certificate lifecycle management for enterprises when securing user and device authentication, email, data encryption, and applications that digitally sign data for business transactions.

We prepared these service enhancements to leverage the built-in Simple Certificate Enrollment Protocol...

Marty Jost | 09 Feb 2012 | 3 comments

This past year provided many important lessons in online security and protection. Based on these lessons and because of the numerous cyberattacks and threats in 2011, many organizations and businesses are currently revamping their online security guidelines and systems in an effort to improve authentication compliance and abide by authentication best practices.

In January, the Federal Financial Institutions Examination Council (FFIEC) recent updates to its Authentication Guidelines went into effect, requiring up-to-date and strong authentication compliance for financial institutions. The purpose of the guidelines is to “provide a risk management framework for financial institutions offering Internet-based products and services to their customers. Institutions should use effective methods to authenticate the identity of customers and that the techniques employed should be commensurate with the risks associated with the products and services offered and the...

nicolas_popp | 05 Feb 2012 | 0 comments

 

 

In the same way, the cloud emerged from software virtualization, cloud security can only emerge from the process of virtualizing security itself. As virtualization separated software from hardware, allowing enterprise software to freely move first across servers and eventually to external cloud infrastructures, security must now be separated from enterprise applications so themselves can be replaced with new cloud applications and eventually move to specialized clouds. Enterprises worldwide are already embracing the cloud for email, CRM, file sharing, collaboration, HR and other functional business applications. To properly manage cloud risk and compliance, IT needs a consistent way to inject its own security policy across cloud applications. Since these applications are operated by different cloud providers with different security capabilities, distinct security frameworks and diverse APIs, the security needs to be implemented outside...

Brendon Wilson | 04 Feb 2012 | 0 comments

The News

On January 31st, Symantec released a new version of Symantec™ Validation and ID Protection Service (VIP) (formerly VeriSign® Identity Protection Authentication Service) into production. As Symantec VIP is a cloud-based service, this new release is available to customers everywhere, effective immediately.

The Primary Themes of the Release

Symantec™ VIP Intelligent Authentication and Registered Computer

  • Simplified generation of VIP integration code for VPN. The VIP Manager policies for IA and RC now provide the option to easily generate the VIP integration code to include in your application's sign-in page.

VIP Manager Policy Configuration

  • Redesigned VIP Policy Configuration page. VIP policies have been reorganized for improved usability.
  • VIP Intelligent Authentication. VIP Manager now provides the following additional options for the...
Brendon Wilson | 13 Dec 2011 | 7 comments

 

Mobile wallet technology has once again become a hot topic in recent days, particularly around the potential security considerations related to these apps. The unavoidable truth is that whenever money is involved, mischief is sure to follow. I would guess this has been true since the dawn of currency.

Symantec recently published a paper detailing our stance that the widespread adoption of mobile payment-type technology will likely trigger a surge of mobile malware and in turn mobile cybercrime. The reason is that these applications rely on devices to transmit financial information – such as mobile banking credentials – backed by real monetary funds. If we’ve learned anything from the PC cybercrime realm, it’...

nicolas_popp | 12 Jul 2011 | 0 comments

Every so often in technology, new trends emerge to drive large changes to society by transforming our established computing paradigms. Cloud as a computing pattern is certainly not dissimilar. The cloud carries in itself all the genes of disruption that the PC, client-server and Web revolutions embodied before it. For many, cloud computing is the logical evolution of information technology towards the utility model. From an economic standpoint, it signals the great commoditization of IT.

When large technology shifts occur, opportunities arise for new and innovative companies to displace the large and sleepy incumbents within their core markets. To understand the cloud tectonic shift, and the potential losers and winners, I devised a simple visual representation that captures the competitive landscape of cloud computing. If...