Video Screencast Help
Search Video Help Close Back
to help

Authentication (User) Blog

Showing posts in English
Symantec VIP - September Product Updates
sambit | 20 Sep 2012 | 0 comments

The month of September has seen some of the significant product updates to Symantec VIP. Here is a summary of what’s new.

VIP Access Desktop 2.1 for Windows

Earlier this month we released VIP Access Desktop v2.1 for Windows with specific focus on our enterprise customers. Here are the salient features for the release:

  • Enterprise-friendly installation with MSI push
  • Accessibility support compliant with US Section 508
  • Credential “reset” with the VIP Service to resolve time synchronization issues
  • Optional credential deletion during uninstallation
  • All new Symantec look and feel

You can upgrade your existing installation of VIP Access Desktop 2.0.x to 2.1 through LiveUpdate, or download from http://idprotect.verisign.com or VIP Manager.

VIP Third-Party Integrations

Symantec VIP provides almost 25 enterprise third party application...

Read more
Symantec Managed PKI v8.5 Release Communication
Mona Salvi | 08 Aug 2012 | 2 comments

Purpose

Since our last communication announcing the availability of Symantec Managed PKI 8.4, Symantec has been adding new features to its Managed PKI platform. With version 8.5, the product now offers a rich collection of features that truly enhance the PKI experience for administrators and end users.
 

Feature Highlight Summary

This release focuses on improving the PKI experience for our enterprise lifecycle solutions by providing a smooth and holistic experience to the customers, thereby reducing the level of support burden for the enterprise administrators. Below are the highlights of the release:

  • LDAP Support for Enterprise Gateway
  • CSR Enrollment method for Domain Controller Certificates
  • Enhanced Support for iOS certificates
  • Enrollment code delivery through email
  • Custom post processing scripts upload and distribution (**Requires PKI Client...
Read more
How to Defeat the Two-factor Authentication-Killing Malware
Marty Jost | 08 Aug 2012 | 1 comment

A recent BBC article has shed further light on the fact that not all online security companies or products are created equal. According to the article, hackers have found a way around some banks’ two-factor authentication security devices and have gained access to customer accounts.

The article describes these attacks as “Man-in-the-Browser” attacks, where malware resides in the web browser on a person’s device and gets between the user and the website, changing what is seen by the user and altering their account information and finances without their knowledge.

The types of malware that are used in these attacks are specifically designed to avoid signature-based detection mechanisms so that some virus protection software will find it. This situation is terrifying to both users and banks, especially considering their multi-factor authentication becomes basically null and void when this malware attacks. Suddenly the thick iron wall of protection...

Read more
Symantec provides seamless certificate management for Apple iPADand iPhone users
Marty Jost | 08 Aug 2012 | 2 comments

According to a recent iPass Mobile Enterprise Report, iPhones are now more popular in enterprises than Blackberry and Android phones. With the growing popularity of iPhones and iPads in the workplace, it’s important that these tools have high quality security and certificate management.

Enter Symantec Managed Public Key Infrastructure (PKI) Service v8.3. As part of a larger mobile strategy, Symantec’s new Managed PKI v8.3 provides certificate management enhancements for Apple iOS devices. These enhancements significantly simplify certificate lifecycle management for enterprises when securing user and device authentication, email, data encryption, and applications that digitally sign data for business transactions.

We prepared these service enhancements to leverage the built-in Simple Certificate Enrollment Protocol (SCEP) found in...

Read more
Stronger Authentication Means Fewer Headaches in 2012
Marty Jost | 08 Aug 2012 | 3 comments

This past year provided many important lessons in online security and protection. Based on these lessons and because of the numerous cyberattacks and threats in 2011, many organizations and businesses are currently revamping their online security guidelines and systems in an effort to improve authentication compliance and abide by authentication best practices.

In January, the Federal Financial Institutions Examination Council (FFIEC) recent updates to its Authentication Guidelines went into effect, requiring up-to-date and strong authentication compliance for financial institutions. The purpose of the guidelines is to “provide a risk management framework for financial institutions offering Internet-based products and services to their customers. Institutions should use effective methods to authenticate the identity of customers and that the techniques employed should be commensurate with the risks associated with the products and services offered and the...

Read more
The Virtualization of Security and the Rise of Security as a Service
nicolas_popp | 08 Aug 2012 | 0 comments

 

 

In the same way, the cloud emerged from software virtualization, cloud security can only emerge from the process of virtualizing security itself. As virtualization separated software from hardware, allowing enterprise software to freely move first across servers and eventually to external cloud infrastructures, security must now be separated from enterprise applications so themselves can be replaced with new cloud applications and eventually move to specialized clouds. Enterprises worldwide are already embracing the cloud for email, CRM, file sharing, collaboration, HR and other functional business applications. To properly manage cloud risk and compliance, IT needs a consistent way to inject its own security policy across cloud applications. Since these applications are operated by different cloud providers with different security capabilities, distinct security frameworks and...

Read more
Breaking News: Announcing the latest Symantec Validation and ID Protection Service Release
Brendon Wilson | 04 Sep 2012 | 0 comments

The News

On January 31st, Symantec released a new version of Symantec™ Validation and ID Protection Service (VIP) (formerly VeriSign® Identity Protection Authentication Service) into production. As Symantec VIP is a cloud-based service, this new release is available to customers everywhere, effective immediately.

The Primary Themes of the Release

Symantec™ VIP Intelligent Authentication and Registered Computer

  • Simplified generation of VIP integration code for VPN. The VIP Manager policies for IA and RC now provide the option to easily generate the VIP integration code to include in your application's sign-in page.

VIP Manager Policy Configuration

  • Redesigned VIP Policy Configuration page. VIP policies have been reorganized for improved usability.
  • VIP Intelligent Authentication. VIP Manager now provides the following additional options for the...
Read more
Cybercrime and Mobile Finance: Like Flies to Honey
Brendon Wilson | 08 Aug 2012 | 7 comments

 

Mobile wallet technology has once again become a hot topic in recent days, particularly around the potential security considerations related to these apps. The unavoidable truth is that whenever money is involved, mischief is sure to follow. I would guess this has been true since the dawn of currency.

Symantec recently published a paper detailing our stance that the widespread adoption of mobile payment-type technology will likely trigger a surge of mobile malware and in turn mobile cybercrime. The reason is that these applications rely on devices to transmit financial information – such as mobile banking credentials – backed by real monetary funds. If we’ve learned anything from the PC cybercrime realm, it’...

Read more
From Windows to the Cloud: "Nothing is created, nothing is destroyed, everything transforms."
nicolas_popp | 08 Aug 2012 | 0 comments

Every so often in technology, new trends emerge to drive large changes to society by transforming our established computing paradigms. Cloud as a computing pattern is certainly not dissimilar. The cloud carries in itself all the genes of disruption that the PC, client-server and Web revolutions embodied before it. For many, cloud computing is the logical evolution of information technology towards the utility model. From an economic standpoint, it signals the great commoditization of IT.

When large technology shifts occur, opportunities arise for new and innovative companies to displace the large and sleepy incumbents within their core markets. To understand the cloud tectonic shift, and the potential losers and winners, I devised a simple visual representation that captures the competitive landscape of cloud computing...

Read more
Switching Authentication Providers: Three Key Questions
Brendon Wilson | 08 Aug 2012 | 0 comments

 

Last week, the Australian online edition of CIO magazine published a great set of questions your CEO should be asking IT staff about replacing their existing strong authentication solution. Three key questions in the article are particularly interesting in wake of the recent news from RSA:

  1. How much is distributing new tokens going to cost the organization?
  2. When will we receive the replacements? Six months? Twelve months?
  3. Are there any alternative two-factor authentication offerings that are lower cost and more convenient that would save the organization operating expenses without compromising security?

Most organizations seeking to mitigate the potential risk to their sensitive networks posed by the RSA breach...

Read more