240 likes | 392 Views
Intelligent Infrastructure Services. Gabriel Dusil VeriSign, Inc. Date: December 14, 2004. 21 st Century. 20 th Century. 19 th Century. Railroads. Intercontinental Air Transport, Electric Grids, Communications Networks. Internet. The Transformational Infrastructures.
E N D
Intelligent Infrastructure Services Gabriel Dusil VeriSign, Inc. Date: December 14, 2004
21st Century 20th Century 19th Century Railroads Intercontinental Air Transport, Electric Grids, Communications Networks Internet The Transformational Infrastructures • VeriSign operates intelligent infrastructure services that enable businesses and people to find, connect, secure, and transact across today’s complex, global networks • Intelligent Infrastructure is a new category, and the centerpiece of both our strategy and our external positioning
Scalability Adaptability Interoperability Reliability Security Visibility The Migration Drives a New Set of Requirements Networks Content & Applications Wireless, WAN, Broadband, LAN Music, Video, Collaboration, Messaging, Commerce Devices Users Government, Businesses, Service Providers, Consumers Phones, RF Tags, Modems, PCs, Server, Routers/Switches Addressing these challenges is key to developing new revenue streams and mitigating issues of cost, compliance, and complexity
Networks Content & Applications Wireless, WAN, Broadband, LAN Music, Video, Collaboration, Messaging, Commerce Devices Users Government, Businesses, Service Providers, Consumers Phones, RF Tags, Modems, PCs, Server, Routers/Switches Our solution: intelligent infrastructure services
Capture Key Verticals & Major Accounts Public Sector Healthcare Financial Services Telecommunications Utilities
VeriSign’s Global Security Infrastructure • Large and expanding International client base: Examples: International Power Company, Global Manufacturing, Fortune 500 Financials, International Telco • Global Infrastructure: Security Operations Centers: Providence, RI, Mountain View, CA, Geneva, Sydney (Q4-2004) & Tokyo (2005) Waltham Geneva 1H 04 Providence Dulles Mountain View Japan 1H 05 Australia2H 04 • Global Customer Base: 3500 MSS Devices under management • Global Security Consulting & Managed Security Services: 100 Consultants, 175 MSS employees, 40 Pre-Sales Support
Datamonitor on PKI ROI Increased eBusiness Involvement Return on PKI Cost of PKI Solution Positive ROI on PKI Revenue & Productivity Number of PKI enabled business processes Point of Investment End of Year 1 End of Year 2 End of Year 3
Down Time = € € Lost revenue depends on Industry Repair Time = € € € Forensics takes 10 times longer than the actual attack Public Image & Credibility = € € € € How much value to you associate with maintaining Trust with your customers If an Internet Banking site is defaced by a hacker would you want to keep your money there? Loss of Data = € € € € € € Is information restorable Did confidential information fall into the wrong hands? Legal Liabilities = € € € € € How liable are you if your network is compromised? Relative cost of training to recover from an attack = € eSecurity - Protection of Revenue…
The question is, “How much money could I potentially lose, if I don’t implement Security?” Security guards protects our premises from burglars Installing video surveillance (CCTV) protects our equipment and employees from burglars Installing Virus scanning protects our data from viruses, Trojan horses, & worms Installing firewalls & Intrusion Detection Systems protects our data from Hackers Installing UPS protects our facilities & IT from Lighting Strikes and Power surges, and Blackouts. Implementing Virtual Private Networks protects our communication infrastructure from hackers Public Key Infrastructure Protects data Integrity Protecting User Identity Establishes Trust Maintains Confidentiality Ensuring Non-Repudiation …from Internal, as well as External threats. Fear, Uncertainty and Doubt (FUD)!
So Where is the ROI in PKI? • PKI transcends traditional Security Solutions • Utilizing PKI is not only about saving money, it’s about making money! PKI Enables… • Confidentiality, Integrity, & Authentication • For Devices, Users, and Internet Companies • eCommerce • Payment services, B2C, eOrdering • Work flow • eProcurement, B2B, Supply Chain, ERP (Enterprise Resource Planning) • VPN services • Allows scalability of VPN’s, and the Internet to access private resources • Enables Electronic Document processing • eContracts, paperless office, eVoting, eTax returns
Increased risk of Fraud Phishing attacks Streamlining internal processes ensuring timely availability of information at multiple levels Business and ROI rationalization For online banking technologies, due to past initiatives not meeting expectations Struggling to develop a Multi-channel approach Increased Credit Risk (eg. Worldcom/Enron, 3G licenses) Lack of Integration with back-end & CRM Ensuring privacy and security of financial transactions Financial Pains
Customer Centricity Lifetime loyalty is diminishing Service quality to drive Customer Centricity Infrastructure Resilience Effect of Sept. 11th on business continuity (eg. Disaster recovery) Quick response to attacks (eg. Code Red & Nimda viruses) 24x7 requirements for online security threats. Customer and supplier focus on security Regulation & Compliance Conformance to Signature Directives Data Protection (Privacy) Reduce cost of administration Single-Action management Reduce training costs Cost Reduction through outsourcing Reduce cost to help desk operations Self-care interfaces for password management Faster time to value Web interfaces Contain cost due to growth of resources and user churn Centralized policy based access control management Centralized user management Toolkits for expandability Solutions
Receipt Acknowledgement Secure Disclosure (“I Agree” eSignature) Reduced Fraud & Liability Risk Automated Services (Change of Address) Revenue Opportunities AAA: Authentication & Accounting Reset Password (Authentication) Transaction Signing (non-Repudiation New Services (Credit, Loans, Cards) Contract or Agreement Signing Large Funds Transfer Cheque Ordering Cheque Ordering Funds Transfer Funds Transfer Bill Payment Bill Payment View Balance View Balance Credit Request Credit Request Access Control Access Control ID & Password PKI & Digital Certificates PKI Enables Banking Applications
Account Set Up Critical Business Issues Before VeriSign: Opening an Online Brokerage Account Client Mails in Check to Open Account Completes and Signs Forms Mails Forms to Bank Prints Out Forms Potential Client Goes Online to Set Up Brokerage Account Bank Mails Member Agreement Bank Does Credit Check Elapsed Time - Weeks
Business Consequences Unanticipated Consequences Bank’s Goals 80% Drop off rate: customers frustrated with process Grow Customer Base Paper-intensive, mailing costs, etc. Reduce Cost of Operations
Client trading A Track Record of Success • Return On Investment (ROI) • 120K new customers • Higher Security = Service Value • 90% reduction in activation time • Reduced errors in data processing After VeriSign: Opening an Online Brokerage Account Approved client receives digital certificate Electronic Bank Credit checking Client enters info into web site Potential Client Goes Online to Set Up Brokerage Account Elapsed Time - 3-5 minutes
Business Challenge VeriSign Solution • Digital certificates issued by Barclays to all online clients • Leveraging VeriSign’s global PKI service • Design and implementation of fully automated account set up process Results • Reduced account set-up time from weeks to minutes • Acquired 125,000 clients in one year • Increased online trading volume by 10X Managed PKI Service • Grow online brokerage business by enabling secure online transactions • Simplify account set-up process • Dramatically reduce 80% abandonment rate
Brokerage Community Banking Community Insurance Community Portal Portal Authentication Authentication Digital Certificates Banking Communities Chain using Digital Certificates
Company or Individual Credentials (Certificates) would no longer be trusted Email may contain malicious code Malicious Software could be distributed (Code Signing) Certificates may not represent the device, user, or company non-repudiation is compromised Electronic signatures are not valid Fraudulent transactions could occur Unauthorized access to confidential resources Must ensure that someone (eg. Hacker, Competitor, etc) can not issue certificates on behalf of the CA. What if the CA were compromised? Public Class 2 Company Public Root Company CA #1 Company CA #2 Company CA #3
We need to ensure CA integrity Protection of the CA’s private key, Certificates, Stored Keys, Digital Notarization, Revocation Lists Why is CA Trust so Important? The user can be sure the certificate is genuine CA has established Infrastructure to ensure Trust The CA becomes a Trusted Third Party in Legal issues Protecting Integrity of the Certificate Authority VeriSign Company Root Division #1 Division #2 Division #3
Why a Co-Managed Approach? • Allow customer to focus on their core business • Minimize purchase of hardware & software • Reduce Total Cost of Ownership • Avoid Hidden costs of managing your own network security • Transfer Liability to a third party • Co-Management allows for seamless scalability • Move the “blue collar” role to the TTP and take on a “white collar” approach to certificate management • Faster response to regulation conformance • Transfer responsibility of technology upgrades to the TTP • Reduces additional training, hardware, and software investments • Customers Still Have full Control • *TTP = Trusted Third Party
Is your Trusted Third Party Trusted Third Parties
Intelligent Infrastructure Services Gabriel Dusil VeriSign, Inc. Date: December 14, 2004