Video Screencast Help
Authentication (User) Blog
Showing posts in English
Brendon Wilson | 08 Jun 2011 | 0 comments

 

Given the events of the past 3 months, many of our customers have consulted us regarding mitigating the impact to their environment of the RSA SecurID breach. With the revelation that a breach at a major US defense contractor was perpetrated as a direct result of the attack on RSA, this question has become even more critical to answer. Time is of the essence for many organizations to protect their sensitive networks and applications from the fallout.

Symantec’s VIP Authentication Service is uniquely designed to address the concerns of customers impacted by the RSA SecurID breach, delivering:

  1.  A broad spectrum of authentication capabilities
  2. Customers can deploy traditional...
Christina Rohall | 07 Jun 2011 | 0 comments

...on behalf of Kerry Loftus, senior director of product management, User Authentication.

RSA SecurID has a long history and the recent events have been shocking for anyone in the security industry.  While the details of the RSA breach have still not been made public, the fact that its effect led directly to an attack on a defense contractor infer that the breach was serious and widespread.  For security professionals working with smaller budgets to protect their infrastructure from increasingly more sophisticated attacks this presents an interesting question – ok, now what?  There used to be a saying, “You’ll never get fired buying SecurID.”  Now its quite the opposite.

 So who’s on the shortlist?  Lots of authentication companies are chiming in and speed is of the essence.  But its critical...

Christina Rohall | 02 Jun 2011 | 0 comments

Numerous headlines about a massive spear phishing attack on top U.S. officials’ Gmail accounts hit earlier today alongside articles covering the ensuing Weinergate “ordeal,” leaving many to wonder, “Could this happen to me?” If you use a standard user name and password to access your online accounts, the answer is, “Yes, it could.”

While nobody is immune to online security threats-- after all, there are no silver bullets -- people can arm themselves with information and technologies that will minimize the chance they will fall victim.

One such technology that became available this year for Gmail and...

Christina Rohall | 01 Jun 2011 | 0 comments

On behalf of the User Authentication team....

Authentication has always played a central role in medical prescriptions for controlled substances, especially in preventing fraud and abuse. Today, Symantec Authentication helped improve that process even further for electronic prescriptions. We’re proud to announce that DrFirst, one of the country’s major providers of electronic prescription services, is using Symantec’s VeriSign Identity Protection (VIP) credentials in a landmark new product, EPCS Gold.

We’re excited for a number of reasons. First, we’re enabling  the first e-prescription product that follows the Drug Enforcement Administration (DEA)’s rules for electronic...

chalcon | 22 Apr 2011 | 2 comments

facebook logo.jpg

This week Facebook announced the availability of new security features for its users. Two significant features of note are the always-on "HTTPS" secure sessions, as well as the availability of two-factor authentication (aka strong authentication).

The use of "HTTPS" by websites enables secure information transmission, which helps protect users when sharing or sending personal information online. Many popular websites have added the HTTPS (where the "S" at the end of HTTP stands for "secure") this year due in part to the availability of interception tools like Firesheep. The presence of an SSL...

nicolas_popp | 20 Apr 2011 | 0 comments

Last week, the White House announced its official National Strategy for Trusted Identities in Cyberspace (NSTIC). NSTIC is the largest-ever effort by the federal government and private sector partners (including Symantec) to develop a secure, standards-based and interoperable online identity system. The goal: Improve the security and privacy of online interactions and more effectively fight cybercrime. Today's announcement marks the culmination of two years of effort by VeriSign (first as an independent company and later as part of Symantec) to help bring this important initiative to life.

At the heart of NSTIC is the concept of an Identity Ecosystem based on trusted identity frameworks. Trusted identity frameworks are the lynchpin to...

chalcon | 15 Feb 2011 | 0 comments

RSA 2011.jpeg

The RSA Conference 2011 at the Moscone Center in San Francisco has officially kicked off and the VIP team is starting the week off strong. Our VeriSign Identity Protection (VIP) Authentication Service is part of several exciting announcements this week and below is a brief look at what's in the news.

Ping Identity Integrates VIP to Deliver Cloud-Based Authentication with Single Sign-On
Ping Identity announced that it has integrated VIP into its PingFederate identity federate suite. The PingFederate Integration kit for VIP creates a solution that enables enterprises to secure remote workers with strong authentication, while providing them a single online identity with single sign-on across both internal applications and almost every leading cloud application. The complete press release can be found...

chalcon | 09 Feb 2011 | 0 comments

intel.jpeg

Today Symantec announced that it has been selected by Intel to integrate our VeriSign Identity Protection (VIP) credential into the Intel Identity Protection Technology (IPT) platform, found in select 2nd generation Intel Core processors. You can find the complete press release here for full details.

The combination of VIP and Intel IPT creates a new class of strong authentication credential for PC users that is embedded into the Intel chipset. Now VIP and Intel IPT can help prevent...

chalcon | 02 Feb 2011 | 0 comments

Carbon image.jpeg

According to a recent story in SearchSecurity.com UK, the EU Emissions Trading System was recently suspended by the European Union following what was described as "recurring security breaches in national registries over the last two months." The thefts involved $38 million worth of carbon credits.

Bloomberg reported that the latest breach occurred at Prague-based Electricity Market Operator (OTE), a government owned energy trading platform where over $7 million worth of carbon credits had been stolen and sold in the open market.

The Bloomberg story also reported that the OTE was due to introduce...

chalcon | 17 Jan 2011 | 0 comments

A Sacramento area man was recently arrested and pled guilty to hacking into numerous email accounts of women the U.S. and U.K. The man gained access to the email accounts by using information found on their Facebook profiles to help determine possible email passwords. After gaining access to their email accounts he would scan their email folders for personal information and then share that information with the entire contact list in the hacked email account. The full story can be found here.

In the video below the Bay Area ABC affiliate interviews Atri Chatterjee, vice president of Symantec's User Authentication group, to provide commentary on this story and the security vulnerabilities that come with simple "username and password" type authentication.