Prestigious Certification Is First Step in Creating Trusted Framework for Internet Ecosystem to Safeguard Identities
December 05, 2011
NEW YORK – Verizon is at the forefront of addressing the nation’s growing concerns about safeguarding online identities by becoming the first provider to earn a critical federal certification, permitting the company to issue strong digital identity credentials to government agencies and businesses in accordance with a set of predefined standards.
Verizon has earned the Identity, Credential and Access Management (ICAM) certification. ICAM, which was established by a subcommittee co-chaired by the General Services Administration and the Department of Defense, is responsible for aligning the government’s identity management activities to help safeguard online identities. Many industry observers see ICAM as a key first step in the development of the larger identity ecosystem envisioned by the White House for the protection of digital identities.
Verizon is the first identity provider to earn a level 3 certification (on a scale of one to four, with four as the highest level of identity assurance). Currently, no other identity providers are certified above level 1.
Earlier this year, the White House launched an identity-management initiative to make online transactions more trustworthy. This effort – known as the National Strategy for Trusted Identities in Cyberspace (NSTIC) – is aimed at creating an Internet-identity ecosystem that uses interoperable technology standards and policies to authenticate not only consumers, but also organizations and IT infrastructure.
“As the first ICAM certified identity provider at level 3, Verizon is leading an identity-management revolution with a simple premise: to let in the right people and keep out the wrong people,” said Peter Tippett, vice president, Verizon. “As the foundation of a new identity ecosystem, we intend to better safeguard Americans and protect sensitive organizational data. By doing so, we are taking an important step in addressing the nation’s identity issues.”
Verizon is a long-standing expert in investigating the causes and ramifications of stolen identities. Its 2011 Verizon Data Breach Investigations Report, issued earlier this year, revealed that stolen passwords and credentials were responsible for the second-highest most comprised type of data.
“With this step, Verizon is demonstrating great leadership in the identity space,” said Deborah Gallagher, acting director, identity assurance and trusted access division, General Services Administration. “We are encouraged to see the U.S. government’s vision take shape through the private sector, as we advance our strategy to develop a trusted Internet framework that would better protect users through strong identity programs.”
ICAM Certification Also Significant for Health Care Sector
The scope of ICAM’s relevance is sweeping. Health care organizations can improve security when following ICAM guidelines. Working with an approved ICAM level 3 certified identity provider removes the burden on organizations of creating and managing their own credentialing infrastructure.
Verizon Earns ICAM Level 3 Certification: The Highest Level Achieved To Date
The level 3 designation means Verizon is using multifactor authentication where multiple credentials (such as a user ID and a phone) are required to gain access to government and corporate networks. This enables more rigorous identity-vetting aimed at lowering risk.
Verizon’s credentials were verified by leading identity Trust Framework Provider Kantara Initiatives against the Identity Assurance Framework (enables a party to trust the identity and security assurances from an identity provider). (See related Kantara press release.)
Verizon Enterprise Identity Services Aimed at Protecting Users
Delivered via the cloud, Verizon Enterprise Identity Services are aimed at helping reduce the costs and complexity traditionally associated with identity rollouts. With this solution, users do not need to purchase additional hardware or software. If users lose a device, they can easily leverage a mechanism they already have -- such as a mobile or home phone -- or add an additional mechanism to retrieve their dynamic code for authentication.
Verizon through its Terremark subsidiary offers managed security services; governance, risk and compliance management solutions; data loss and prevention solutions; and identity management solutions, all delivered by the company’s more than 1,200 security professionals around the globe. More information is available by visiting Verizon Security Solutions. The company also provides ongoing security insight and analysis via the Verizon Security Blog.
Verizon Communications Inc. (NYSE, NASDAQ: VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to consumer, business, government and wholesale customers. Verizon Wireless operates America's most reliable wireless network, with more than 107 million total connections nationwide. Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers integrated business solutions to customers in more than 150 countries, including all of the Fortune 500. A Dow 30 company with $106.6 billion in 2010 revenues, Verizon employs a diverse workforce of more than 195,000. For more information, visit www.verizon.com.
VERIZON’S ONLINE NEWS CENTER: Verizon news releases, executive speeches and biographies, media contacts, high-quality video and images, and other information are available at Verizon’s News Center on the World Wide Web at www.verizon.com/news. To receive news releases by e-mail, visit the News Center and register for customized automatic delivery of Verizon news releases.
|Brianna Carroll Boyle|