intelligent infrastructure services
DESCRIPTION
Intelligent Infrastructure Services. Gabriel Dusil VeriSign, Inc. Date: December 14, 2004. 21 st Century. 20 th Century. 19 th Century. Railroads. Intercontinental Air Transport, Electric Grids, Communications Networks. Internet. The Transformational Infrastructures. - PowerPoint PPT PresentationTRANSCRIPT
© 2004 VeriSign, Inc.
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Intelligent Infrastructure Services
Gabriel DusilVeriSign, Inc.
Date: December 14, 2004
2 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
The Transformational Infrastructures
+ VeriSign operates intelligent infrastructure services that enable businesses and people to find, connect, secure, and transact across today’s complex, global networks+ Intelligent Infrastructure is a new category, and the centerpiece of both our
strategy and our external positioning
Internet
21st CenturyRailroads
19th CenturyIntercontinental Air Transport,
Electric Grids, Communications Networks
20th Century
3 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Networks
Devices
Content & Applications
Users
Addressing these challenges is key to developing new revenue streams and mitigating issues of cost, compliance, and complexity
The Migration Drives a New Set of Requirements
Interoperability
SecurityReliability
AdaptabilityScalability
Visibility
Wireless, WAN, Broadband,LAN
Music, Video, Collaboration, Messaging, Commerce
Phones, RF Tags, Modems,PCs, Server, Routers/Switches
Government, Businesses,Service Providers, Consumers
4 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Our solution: intelligent infrastructure services
Networks
Devices
Wireless, WAN, Broadband,LAN
Phones, RF Tags, Modems,PCs, Server, Routers/Switches
Content & Applications
Users
Music, Video, Collaboration, Messaging, Commerce
Government, Businesses,Service Providers, Consumers
5 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Capture Key Verticals & Major Accounts
Public Sector
Financial Services Telecommunications Utilities
Healthcare
6 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
VeriSign’s Global Security Infrastructure
+Large and expanding International client base: Examples: International Power Company, Global Manufacturing, Fortune 500 Financials, International Telco+Global Infrastructure: Security Operations Centers: Providence, RI, Mountain View, CA, Geneva, Sydney (Q4-2004) & Tokyo (2005)
DullesProvidenceWaltham
Japan 1H 05
Mountain View
Australia2H 04
Geneva
1H 04
+Global Customer Base: 3500 MSS Devices under management+Global Security Consulting & Managed Security Services: 100 Consultants, 175 MSS employees, 40 Pre-Sales Support
7 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Datamonitor on PKI ROI
Point of Investment
End ofYear 1
End ofYear 2
Positive ROI on
PKI
Increased eBusiness
InvolvementReturnon PKI
Number of PKI enabled business processes
Cost of PKI Solution
End ofYear 3
Rev
enue
&
Prod
uctiv
ity
8 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
eSecurity - Protection of Revenue…
+ Down Time = € €+ Lost revenue depends on Industry
+ Repair Time = € € €+ Forensics takes 10 times longer
than the actual attack+ Public Image & Credibility = € € € €
+ How much value to you associate with maintaining Trust with your customers
+ If an Internet Banking site is defaced by a hacker would you want to keep your money there?
+Loss of Data = € € € € € €+ Is information restorable+ Did confidential information fall into the
wrong hands?+Legal Liabilities = € € € € €
+ How liable are you if your network is compromised?
+Relative cost of training to recover from an attack = €
9 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Fear, Uncertainty and Doubt (FUD)!+The question is, “How much money could I potentially lose, if I don’t implement Security?”
+ Security guards+ protects our premises from burglars
+ Installing video surveillance (CCTV) + protects our equipment and employees from
burglars+ Installing Virus scanning
+ protects our data from viruses, Trojan horses, & worms
+ Installing firewalls & Intrusion Detection Systems
+ protects our data from Hackers+ Installing UPS
+ protects our facilities & IT from Lighting Strikes and Power surges, and Blackouts.
+ Implementing Virtual Private Networks+ protects our communication infrastructure from
hackers
+Public Key Infrastructure+ Protects data Integrity+ Protecting User Identity+ Establishes Trust+ Maintains Confidentiality+ Ensuring Non-Repudiation
+ …from Internal, as well as External threats.
10 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
So Where is the ROI in PKI?
+PKI transcends traditional Security Solutions+Utilizing PKI is not only about saving money, it’s about making money! PKI Enables…
+ Confidentiality, Integrity, & Authentication+ For Devices, Users, and Internet Companies
+ eCommerce+ Payment services, B2C, eOrdering
+ Work flow+ eProcurement, B2B, Supply Chain, ERP (Enterprise Resource
Planning)+ VPN services
+ Allows scalability of VPN’s, and the Internet to access private resources
+ Enables Electronic Document processing+ eContracts, paperless office, eVoting, eTax returns
11 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Financial Pains
+ Increased risk of Fraud+ Phishing attacks
+ Streamlining internal processes+ ensuring timely availability of
information at multiple levels + Business and ROI rationalization
+ For online banking technologies, due to past initiatives not meeting expectations
+ Struggling to develop a Multi-channel approach
+Increased Credit Risk (eg. Worldcom/Enron, 3G licenses)+Lack of Integration with back-end & CRM+Ensuring privacy and security of financial transactions
12 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Solutions
+ Customer Centricity+ Lifetime loyalty is diminishing+ Service quality to drive Customer
Centricity+ Infrastructure Resilience
+ Effect of Sept. 11th on business continuity (eg. Disaster recovery)
+ Quick response to attacks (eg. Code Red & Nimda viruses)
+ 24x7 requirements for online security threats.
+ Customer and supplier focus on security
+ Regulation & Compliance + Conformance to Signature Directives+ Data Protection (Privacy)
+Reduce cost of administration+ Single-Action management+ Reduce training costs
+Cost Reduction through outsourcing+Reduce cost to help desk operations
+ Self-care interfaces for password management
+ Faster time to value+ Web interfaces
+Contain cost due to growth of resources and user churn
+ Centralized policy based access control management
+ Centralized user management+ Toolkits for expandability
13 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
PKI Enables Banking Applications
Access ControlCredit RequestView BalanceBill Payment
Funds TransferCheque Ordering
ID & PasswordID & PasswordAccess ControlCredit RequestView BalanceBill Payment
Funds TransferCheque Ordering
PKI & Digital CertificatesPKI & Digital Certificates
Large Funds TransferContract or Agreement Signing
New Services (Credit, Loans, Cards)Transaction Signing (non-Repudiation
Reset Password (Authentication)AAA: Authentication & Accounting
Reduced Fraud & Liability RiskSecure Disclosure (“I Agree” eSignature)
Automated Services (Change of Address)
Receipt Acknowledgement
Rev
enue
Opp
ortu
nitie
sR
even
ue O
ppor
tuni
ties
14 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Critical Business Issues
Before VeriSign: Opening an Online Brokerage AccountBefore VeriSign: Opening an Online Brokerage Account
Account Set Up
Potential Client Potential Client Goes Online to Goes Online to
Set Up Set Up Brokerage Brokerage AccountAccount
Prints Out Prints Out FormsForms
Completes and Completes and Signs FormsSigns Forms
Mails Forms to Mails Forms to BankBank
Bank Does Bank Does Credit CheckCredit Check
Bank Mails Bank Mails Member Member
AgreementAgreement
Client Mails in Client Mails in Check to Open Check to Open
AccountAccount
Elapsed Time - Elapsed Time - WeeksWeeks
15 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
UnanticipatedConsequences
Bank’s Goals
Grow CustomerBase
Reduce Costof Operations
Business Consequences
80% Drop off rate: customers frustrated
with process
Paper-intensive, mailing costs, etc.
16 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
A Track Record of Success
+Return On Investment (ROI)+ 120K new customers+ Higher Security = Service Value+ 90% reduction in activation time+ Reduced errors in data processing
After VeriSign: Opening After VeriSign: Opening an Online Brokerage an Online Brokerage
AccountAccount
Potential Client Goes Potential Client Goes Online to Set Up Online to Set Up
Brokerage AccountBrokerage Account
Client enters info Client enters info into web siteinto web site
Electronic Electronic Bank Credit Bank Credit
checkingchecking
Approved client Approved client receives digital receives digital
certificatecertificateClient
trading
Elapsed Time - Elapsed Time - 3-5 minutes3-5 minutes
17 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Grow online brokerage business by enabling secure online transactions
Simplify account set-up process Dramatically reduce 80% abandonment rate
Business ChallengeBusiness Challenge
Digital certificates issued by Barclays to all online clients Leveraging VeriSign’s global PKI service Design and implementation of fully automated account set up
process
VeriSign SolutionVeriSign Solution
Reduced account set-up time from weeks to minutes Acquired 125,000 clients in one year Increased online trading volume by 10X
ResultsResults
Managed PKI Service
18 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Banking Communities Chain using Digital Certificates
Brokerage Brokerage Community
BankingCommunity
InsuranceCommunity
Digital Certificates
Port
al
Port
al
AuthenticationAuthentication
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
What if the CA were compromised?
+ Company or Individual Credentials (Certificates) would no longer be trusted+Email may contain malicious code+Malicious Software could be distributed
+ (Code Signing)+Certificates may not represent the device, user, or company+non-repudiation is compromised
+ Electronic signatures are not valid+Fraudulent transactions could occur+Unauthorized access to confidential resources
+Must ensure that someone (eg. Hacker, Competitor, etc) can not issue certificates on behalf of the CA.
CompanyCompanyPublic RootPublic Root
CompanyCompanyCA #1CA #1
CompanyCompanyCA #3CA #3
CompanyCompanyCA #2CA #2
Public Class 2Public Class 2
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Protecting Integrity of the Certificate Authority
+ We need to ensure CA integrity+ Protection of the CA’s private key,
Certificates, Stored Keys, Digital Notarization, Revocation Lists
+ Why is CA Trust so Important?+ The user can be sure the certificate is
genuine+ CA has established Infrastructure to
ensure Trust+ The CA becomes a Trusted Third Party
in Legal issues
CompanyCompanyRootRoot
DivisionDivision#1#1
DivisionDivision#3#3
DivisionDivision#2#2
VeriSignVeriSign
22 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Why a Co-Managed Approach?+ Allow customer to focus on their core business+ Minimize purchase of hardware & software+ Reduce Total Cost of Ownership+ Avoid Hidden costs of managing your own network security+ Transfer Liability to a third party+ Co-Management allows for seamless scalability+ Move the “blue collar” role to the TTP and take on a “white collar”
approach to certificate management+ Faster response to regulation conformance+ Transfer responsibility of technology upgrades to the TTP
+ Reduces additional training, hardware, and software investments+ Customers Still Have full Control
+ *TTP = Trusted Third Party
23 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Is your Trusted Third Party
© 2004 VeriSign, Inc.
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Intelligent Infrastructure Services
Gabriel DusilVeriSign, Inc.
Date: December 14, 2004