Video Screencast Help
Search Video Help Close Back
to help

Website Security Solutions

Showing posts tagged with Authentication Services
Showing posts in English
Why are the Certification Authority/Browser Baseline Requirements so important?
FranRosch | 18 Dec 2012 | 0 comments

Symantec has been a key driver in collaborative work with the CA/B Forum to develop a new set of baseline requirements for organization and domain validated SSL certificates. The CA/B Forum is an organization of leading Certification Authorities (CAs) and vendors of Internet browser software and other applications. The CA/B Baseline Requirements are documented in “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates v. 1.0”.

We are proud to announce that Symantec is adopting the new Baseline Requirements effective July 1st, 2012. 

The Baseline Requirements focus on providing clear standards for CAs on important topics including verification of identity, certificate content and profiles, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, privacy and confidentiality, and delegation (including external sub-...

Read more
OTA Announces the 2012 Online Trust Scorecard and Honor Roll
geoffnoakes | 18 Dec 2012 | 1 comment

I sat down today with Craig Spiezle, Executive Director of the Online Trust Alliance, at the Internet Retailer show in Chicago, to learn more about OTA’s Online Trust Honor Roll announcement.  This is the OTA's fourth annual Online Trust Honor Roll -- the report promotes for the adoption of best practices; it recognizes leaders, and it provides prescriptive advice to businesses and governments.  Symantec had made the OTA’s Online Trust Honor Roll 4 years in a row.  The report is located at https://otalliance.org/honorroll.html.

Among the changes in this year’s report:

  • Tools, methodology, and transparency: the OTA uses a number of publicly-available tools to capture...
Read more
AnDevCon 2012: New Code Signing Services to Protect Your App
AllenKelly | 18 Dec 2012 | 0 comments

Author: Dean Coclin, Senior Director of Business Development at Symantec

Today, I had the opportunity to meet over a hundred talented developers at AnDevCon 2012 during my session on “Challenges in Code Signing and Key Security."

Android has quickly become one of the most popular operating systems for mobile devices. It’s amazing how this ecosystem has changed. Only 5 years ago, Symbian was the #1 smartphone OS in the world and now its market share has dwindled down to a much smaller number. Five years ago we were also carrying around our Palm Treo devices, a company that no longer even exists and their WebOS has been literally thrown away by HP, their new parent.

It’s been an interesting month in the Bay Area as tech giants Oracle and Google battled each other in court over whether Android contains...

Read more
News: Authentication for Mobile at Vision 2012
FranRosch | 18 Dec 2012 | 1 comment

We started Vision 2012, our technology summit, with a bang this year.  Yesterday, Symantec made two significant mobile authentication announcements: Code Signing (CS) for Android and Certificate Intelligence Center (CIC) for Mobile.  To set the stage for extending our solutions to mobile, let’s do a quick recap of the current mobile threat landscape.  

With the growing uptake in smartphones and tablets, and their increasing connectivity and capability, there has been a corresponding increase in activity by malicious attackers.  Symantec’s 2012 Internet Security Threat Report revealed that mobile vulnerabilities increased by 93 percent in 2011 while at the same time, a rise in threats targeting the Android operating system occurred.  The report also showed that 2011 was the first year that mobile malware presented a tangible threat to...

Read more
Are You Really Saving Money With Self-Signed SSL Certificates?
Teresa Wingfield | 18 Dec 2012 | 0 comments

If you are using self-signed SSL certificates for internal sites such as corporate email servers, human resource portals, wikis, software development sandboxes, etc. you’re probably doing so because you think you’re saving your company a ton of money by not purchasing certificates from a third-party Certificate Authority.  But, for a number of reasons, this probably isn’t true. 

Self-signed certificates cost more than most  implementers realize because the total cost of ownership (TCO) of an SSL certificate is far more than just the price of the certificate. From security hardware, to management software, to data center space and more, the costs of establishing a secure self-signing architecture can quickly add up.  And, a do-it-yourself approach to SSL security may put an organization at risk for costly security breaches and lost trust.

“The Hidden Costs of Self-Signed SSL Certificates” is a new white paper that...

Read more
Symantec #SpotTheCheck TWITTER CONTEST
AllenKelly | 18 Dec 2012 | 0 comments

To participate in the contest, start surfing the Internet to find the new Norton Secured Seal. 

 

Once you have located the new seal, tweet the following phrase to qualify for a daily drawing: “I spotted the Norton Secured Seal at (insert publicly-accessible URL) #SpotTheCheck” hash tag in less than 140 English characters.

Entrants will be entered into a random drawing each day for a seven day period to win a $100 gift card to Amazon.com 

Full contest rules are below.

 

SPOT THE CHECK TWITTER CONTEST OFFICIAL RULES

THE “SPOT THE CHECK” TWITTER CONTEST IS OPEN TO LEGAL RESIDENTS OF THE 50 UNITED STATES AND THE DISTRICT OF COLUMBIA (EXCLUDING GUAM, PUERTO RICO...

Read more
Power of the Checkmark: Trust the Norton Secured Seal
FranRosch | 18 Dec 2012 | 1 comment

Today, the VeriSign seal got a new look and became the new Norton Secured Seal. 

One of the questions we get asked the most is why make this change to one of the most recognized trust marks on the Internet.  Our response, it just makes sense for us and for our customers.  By combining the power of the VeriSign checkmark with the industry’s most respected Norton brand, we are creating the most valued and highly visible security seal on the Internet.  Businesses will experience the same high security standards and protection that was delivered from the previous VeriSign seal.  The rigorous and proven authentication processes ensures their customers and information stays safe and secure.

The Value of a Trust Seal

The Norton Secured Seal is an indispensable tool and is valued by business customers for its proven ability to provide consumers a secure online experience while instilling confidence and trust in their...

Read more
Transitioning to the Norton Secured Seal
AllenKelly | 18 Dec 2012 | 1 comment

Over the next few weeks, we’ll be making a change to the trust mark on your websites. We are combining the VeriSign Checkmark with the industry-leading Norton brand to create the Norton™ Secured Seal. By bringing together these two well-known and respected brands, the new seal will not only prove to your site visitors that the site is secure, but may also increase traffic, add click-throughs and provide higher visibility in search results. Even before the official launch, a U.S. online consumer study found high recognition of the Norton Secured Seal.

We developed the new Norton Secured Seal to provide our customers with increased visibility and transactions, and plan to make this transition as smooth and seamless as possible. We understand that for many of our customers, having...

Read more
A Partner Tale – Transitioning to the Norton Secured Seal
Charla Bunton-Johnson | 18 Dec 2012 | 0 comments

JP Donnio, President, TBS Internet
Symantec Trust Services Platinum Partner

It can be difficult to let tried-and-true brands go, unless of course it’s replaced by a better and stronger brand. That is the case with Symantec’s transition from the VeriSign Seal to a Norton Secured Seal, powered by VeriSign combining the trust asset of both VeriSign and Symantec, the new Norton Secured Seal will be even stronger and more effective than its predecessor. Not only is it a positive evolution of the trust mark, but it is also an innovative solution to add to the range of products we offer our customers.

TBS...

Read more
Protecting digital certificates is everyone’s responsibility
FranRosch | 18 Dec 2012 | 2 comments

Yesterday Kaspersky Lab posted on their research blog that they had discovered a Trojan dropper file in the wild. The malicious code, designed to commit click fraud, was signed by a legitimately issued VeriSign code signing certificate. This was a result of private keys being compromised at one of our customers. The code signing certificate used to sign the malicious code was authenticated and issued by VeriSign to a legitimate organization. The certificate has since been revoked, as it appears that the private keys, which were controlled by the customer, have been compromised.

Allow me to emphasize that Symantec takes these situations very seriously. We’re working closely with the customer to resolve their security issue and to ensure that they are taking precautions and applying best practices for private key before we re-issue another code signing certificate to them. Symantec employs the highest levels of stringent authentication for every certificate we issue....

Read more