Verizon Tackles Growing Issue Of Stolen Credentials

Next-gen Enterprise Identity Services will now support popular devices, such as smartphones and tablets

July 15, 2011

4 Min Read


NEW YORK – Unauthorized access to corporate networks through stolen user names and passwords topped 45 percent in 2010, according to the Verizon 2011 Data Breach Investigations Report, making credentials the second most compromised data type.

To help address this growing security threat, Verizon is enhancing its cloud-based Enterprise Identity Services to give businesses more ways to authenticate users to corporate networks while offering strong security protection.

Verizon’s next-generation of Enterprise Identity Services will now support popular devices such as smartphones and tablets -- including those running on the iOS operating

system as well as Android and BlackBerry devices. This process will enable users to more easily gain access to corporate networks using two-factor authentication – a process where a dynamic code is issued to the end user that is used along with a personal identification number (PIN). In addition, Verizon’s identity services will now enable digital signing capabilities for contracts, wills and other legally-binding documents.

Two-Factor Authentication Offers a High Level of Protection for Users

Using readily available mobile devices for two-factor authentication significantly strengthens the security behind each user by incorporating additional intelligence such as phone number and location to validate a user’s identity. It also eases the implementation burden for consumers and enterprises, while offering multiple ways for users to authenticate to a network in the event their “token” is lost or stolen.

Traditionally, enterprises have used a specially issued single token or key-fob to gain network access, a process that requires extensive behind-the-scenes management and deployment of tokens for sometimes tens of thousands of workers leading to a time consuming and resource intensive process. It also generally does not include a built-in back up plan for lost or stolen tokens.

“With the release of our newest version of Enterprise Identity Services, we are changing the game for two-factor authentication,” said Peter Tippett, Verizon vice president of industry solutions and security practices. “Our expectation is that by strengthening authentication methods, we can significantly reduce enterprise security risk and improve the security of sensitive information while easing the burden on corporate IT departments.”

Digital Signing Capabilities Enable Better Business Outcomes

The new version of Enterprise Identity Services also brings digital signing capabilities to its users. Digital signatures are used in numerous industries, most commonly in the medical and legal fields. For instance, with this service, physicians can electronically prescribe controlled substances in accordance with Drug Enforcement Administration requirements. Other enterprise uses of digital signing include signing essential corporate documents, such as W-9 forms.

In conjunction with the new digital signing capabilities, Verizon Enterprise Identity Services also offers enterprise customers a mobile application known as ID Message Center, which allows users to monitor and track their digital signature activity.

Enhanced Identity Services Platform Based on Open Standards

Verizon’s enhanced identity platform adheres to the OATH (Initiative for Open Authentication) standards, which call for an open standards-based system that, like existing proprietary systems, require users to provide two “proofs” of identity. By using an open standards-based system, enterprises can use a range of ID token devices without changing existing back-end security systems.

Delivered via the cloud, Verizon Enterprise Identity Services are aimed at helping reduce the costs and complexity traditionally associated with identity rollouts. With this solution, users do not need to purchase additional hardware or software, and if users lose a device, they can easily add a secondary device to retrieve their dynamic code for authentication.

Verizon Business through its Terremark subsidiary offers managed security services; governance, risk and compliance management solutions; data loss and prevention solutions; and identity management solutions, all delivered by the company’s more than 1,200 security professionals around the globe. More information is available by visiting Verizon Security Solutions. The company also provides ongoing security insight and analysis via the Verizon Security Blog.

About Verizon

Verizon Communications Inc. (NYSE, NASDAQ:VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to mass market, business, government and wholesale customers. Verizon Wireless operates America's most reliable wireless network, with more than 104 million total connections nationwide. Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers seamless business solutions to customers around the world. A Dow 30 company, Verizon employs a diverse workforce of more than 196,000 and last year generated consolidated revenues of $106.6 billion. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights