© 2004 VeriSign, Inc. © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary...

© 2004 VeriSign, Inc.

© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential

Intelligent Infrastructure Services

Gabriel Dusil

VeriSign, Inc.

Date: December 14, 2004

2 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential

The Transformational Infrastructures

+ VeriSign operates intelligent infrastructure services that enable businesses and people to find, connect, secure, and transact across today’s complex, global networks+ Intelligent Infrastructure is a new category, and the centerpiece of both our

strategy and our external positioning

Internet

21st CenturyRailroads

19th CenturyIntercontinental Air Transport,

Electric Grids, Communications Networks

20th Century


Networks

Devices

Content & Applications

Users

Addressing these challenges is key to developing new revenue streams and mitigating issues of cost, compliance, and complexity

The Migration Drives a New Set of Requirements

Interoperability

SecurityReliability

Adaptability

Scalability

Visibility

Wireless, WAN, Broadband,LANWireless, WAN, Broadband,LAN

Music, Video, Collaboration, Messaging, CommerceMusic, Video, Collaboration, Messaging, Commerce

Phones, RF Tags, Modems,PCs, Server, Routers/SwitchesPhones, RF Tags, Modems,PCs, Server, Routers/Switches

Government, Businesses,Service Providers, ConsumersGovernment, Businesses,Service Providers, Consumers


Our solution: intelligent infrastructure services

Networks

Devices

Wireless, WAN, Broadband,LANWireless, WAN, Broadband,LAN

Phones, RF Tags, Modems,PCs, Server, Routers/SwitchesPhones, RF Tags, Modems,PCs, Server, Routers/Switches

Content & Applications

Users

Music, Video, Collaboration, Messaging, CommerceMusic, Video, Collaboration, Messaging, Commerce

Government, Businesses,Service Providers, ConsumersGovernment, Businesses,Service Providers, Consumers


Capture Key Verticals & Major Accounts

Public Sector

Financial Services Telecommunications Utilities

Healthcare


VeriSign’s Global Security Infrastructure

+Large and expanding International client base: Examples: International Power Company, Global Manufacturing, Fortune 500 Financials, International Telco+Global Infrastructure: Security Operations Centers: Providence, RI, Mountain View, CA, Geneva, Sydney (Q4-2004) & Tokyo (2005)

DullesProvidence

Waltham

Japan 1H 05

Mountain View

Australia2H 04

Geneva

1H 04

+Global Customer Base: 3500 MSS Devices under management+Global Security Consulting & Managed Security Services: 100 Consultants, 175 MSS employees, 40 Pre-Sales Support


Datamonitor on PKI ROI

Point of Investment

Point of Investment

End ofYear 1End ofYear 1


Positive ROI on

PKI

Positive ROI on

PKI

Increased eBusiness

Involvement

Increased eBusiness

Involvement

Returnon PKIReturnon PKI

Number of PKI enabled business processes

Number of PKI enabled business processes

Cost of PKI Solution

Cost of PKI Solution


Re

ven

ue

&

Pro

du

cti

vit

yR

ev

enu

e &

P

rod

uc

tiv

ity


eSecurity - Protection of Revenue…

+ Down Time = € €+ Lost revenue depends on Industry

+ Repair Time = € € €+ Forensics takes 10 times longer

than the actual attack

+ Public Image & Credibility = € € € €+ How much value to you associate

with maintaining Trust with your customers

+ If an Internet Banking site is defaced by a hacker would you want to keep your money there?

+Loss of Data = € € € € € €+ Is information restorable+ Did confidential information fall into the

wrong hands?

+Legal Liabilities = € € € € €+ How liable are you if your network is

compromised?

+Relative cost of training to recover from an attack = €


Fear, Uncertainty and Doubt (FUD)!

+The question is, “How much money could I potentially lose, if I don’t implement Security?”

+ Security guards+ protects our premises from burglars

+ Installing video surveillance (CCTV) + protects our equipment and employees from

burglars+ Installing Virus scanning

+ protects our data from viruses, Trojan horses, & worms

+ Installing firewalls & Intrusion Detection Systems

+ protects our data from Hackers+ Installing UPS

+ protects our facilities & IT from Lighting Strikes and Power surges, and Blackouts.

+ Implementing Virtual Private Networks+ protects our communication infrastructure from

hackers

+Public Key Infrastructure+ Protects data Integrity

+ Protecting User Identity

+ Establishes Trust

+ Maintains Confidentiality

+ Ensuring Non-Repudiation

+ …from Internal, as well as External threats.


So Where is the ROI in PKI?

+PKI transcends traditional Security Solutions+Utilizing PKI is not only about saving money, it’s about making money! PKI Enables…

+ Confidentiality, Integrity, & Authentication+ For Devices, Users, and Internet Companies

+ eCommerce+ Payment services, B2C, eOrdering

+ Work flow+ eProcurement, B2B, Supply Chain, ERP (Enterprise Resource

Planning)

+ VPN services+ Allows scalability of VPN’s, and the Internet to access private

resources

+ Enables Electronic Document processing+ eContracts, paperless office, eVoting, eTax returns


Financial Pains

+ Increased risk of Fraud

+ Phishing attacks

+ Streamlining internal processes+ ensuring timely availability of

information at multiple levels

+ Business and ROI rationalization+ For online banking technologies, due to

past initiatives not meeting expectations

+ Struggling to develop a Multi-channel approach

+Increased Credit Risk (eg. Worldcom/Enron, 3G licenses)

+Lack of Integration with back-end & CRM

+Ensuring privacy and security of financial transactions


Solutions

+ Customer Centricity+ Lifetime loyalty is diminishing+ Service quality to drive Customer

Centricity

+ Infrastructure Resilience+ Effect of Sept. 11th on business

continuity (eg. Disaster recovery)+ Quick response to attacks (eg. Code

Red & Nimda viruses)+ 24x7 requirements for online security

threats.+ Customer and supplier focus on

security

+ Regulation & Compliance + Conformance to Signature Directives+ Data Protection (Privacy)

+Reduce cost of administration+ Single-Action management+ Reduce training costs

+Cost Reduction through outsourcing

+Reduce cost to help desk operations+ Self-care interfaces for password

management+ Faster time to value

+ Web interfaces

+Contain cost due to growth of resources and user churn

+ Centralized policy based access control management

+ Centralized user management+ Toolkits for expandability


PKI Enables Banking Applications

Access ControlAccess ControlCredit RequestCredit RequestView BalanceView BalanceBill PaymentBill Payment

Funds TransferFunds TransferCheque OrderingCheque Ordering

ID & PasswordID & PasswordID & PasswordID & PasswordAccess ControlAccess ControlCredit RequestCredit RequestView BalanceView BalanceBill PaymentBill Payment

Funds TransferFunds TransferCheque OrderingCheque Ordering

PKI & Digital CertificatesPKI & Digital CertificatesPKI & Digital CertificatesPKI & Digital Certificates

Large Funds TransferLarge Funds TransferContract or Agreement SigningContract or Agreement Signing

New Services (Credit, Loans, Cards)New Services (Credit, Loans, Cards)Transaction Signing (non-RepudiationTransaction Signing (non-Repudiation

Reset Password (Authentication)Reset Password (Authentication)AAA: Authentication & AccountingAAA: Authentication & Accounting

Reduced Fraud & Liability RiskReduced Fraud & Liability RiskSecure Disclosure (“I Agree” eSignature)Secure Disclosure (“I Agree” eSignature)

Automated Services (Change of Address)Automated Services (Change of Address)

Receipt AcknowledgementReceipt Acknowledgement

Rev

enu

e O

pp

ort

un

itie

sR

even

ue

Op

po

rtu

nit

ies

Rev

enu

e O

pp

ort

un

itie

sR

even

ue

Op

po

rtu

nit

ies


Critical Business Issues

Before VeriSign: Opening an Online Brokerage AccountBefore VeriSign: Opening an Online Brokerage Account

Account Set Up

Potential Client Potential Client Goes Online to Goes Online to

Set Up Set Up Brokerage Brokerage AccountAccount

Prints Out Prints Out FormsForms

Completes and Completes and Signs FormsSigns Forms

Mails Forms to Mails Forms to BankBank

Bank Does Bank Does Credit CheckCredit Check

Bank Mails Bank Mails Member Member

AgreementAgreement

Client Mails in Client Mails in Check to Open Check to Open

AccountAccount

Elapsed Time - Elapsed Time - WeeksWeeksElapsed Time - Elapsed Time - WeeksWeeks


UnanticipatedConsequences

Bank’s Goals

Grow CustomerBase

Grow CustomerBase

Reduce Costof OperationsReduce Costof Operations

Business Consequences

80% Drop off rate: customers frustrated

with process

80% Drop off rate: customers frustrated

with process

Paper-intensive, mailing costs, etc.Paper-intensive,

mailing costs, etc.


A Track Record of Success

+Return On Investment (ROI)+ 120K new customers

+ Higher Security = Service Value

+ 90% reduction in activation time

+ Reduced errors in data processing

After VeriSign: Opening After VeriSign: Opening an Online Brokerage an Online Brokerage

AccountAccount

Potential Client Goes Potential Client Goes Online to Set Up Online to Set Up

Brokerage AccountBrokerage Account

Client enters info Client enters info into web siteinto web site

Electronic Electronic Bank Credit Bank Credit

checkingchecking

Approved client Approved client receives digital receives digital

certificatecertificateClient

trading

Elapsed Time - Elapsed Time - 3-5 minutes3-5 minutesElapsed Time - Elapsed Time - 3-5 minutes3-5 minutes


Grow online brokerage business by enabling secure online transactions

Simplify account set-up process Dramatically reduce 80% abandonment rate

Business ChallengeBusiness Challenge

Digital certificates issued by Barclays to all online clients Leveraging VeriSign’s global PKI service Design and implementation of fully automated account set up

process

VeriSign SolutionVeriSign Solution

Reduced account set-up time from weeks to minutes Acquired 125,000 clients in one year Increased online trading volume by 10X

ResultsResults

Managed PKI Service


Banking Communities Chain using Digital Certificates

Brokerage Brokerage CommunityBrokerage Brokerage

CommunityBanking

CommunityBanking

CommunityInsurance

CommunityInsurance

Community

Digital Certificates

Po

rtal

Po

rtal

Po

rtal

Po

rtal

AuthenticationAuthenticationAuthenticationAuthentication


What if the CA were compromised?

+ Company or Individual Credentials (Certificates) would no longer be trusted

+Email may contain malicious code

+Malicious Software could be distributed+ (Code Signing)

+Certificates may not represent the device, user, or company

+non-repudiation is compromised+ Electronic signatures are not valid

+Fraudulent transactions could occur

+Unauthorized access to confidential resources

+Must ensure that someone (eg. Hacker, Competitor, etc) can not issue certificates on behalf of the CA.

CompanyCompanyPublic RootPublic Root

CompanyCompanyCA #1CA #1



Public Class 2Public Class 2


Protecting Integrity of the Certificate Authority

+ We need to ensure CA integrity+ Protection of the CA’s private key,

Certificates, Stored Keys, Digital Notarization, Revocation Lists

+ Why is CA Trust so Important?+ The user can be sure the certificate is

genuine+ CA has established Infrastructure to

ensure Trust+ The CA becomes a Trusted Third Party

in Legal issues

CompanyCompanyRootRoot

DivisionDivision#1#1



VeriSignVeriSign


Why a Co-Managed Approach?

+ Allow customer to focus on their core business+ Minimize purchase of hardware & software+ Reduce Total Cost of Ownership+ Avoid Hidden costs of managing your own network security+ Transfer Liability to a third party+ Co-Management allows for seamless scalability+ Move the “blue collar” role to the TTP and take on a “white collar”

approach to certificate management+ Faster response to regulation conformance+ Transfer responsibility of technology upgrades to the TTP

+ Reduces additional training, hardware, and software investments+ Customers Still Have full Control

+ *TTP = Trusted Third Party


Is your Trusted Third Party

© 2004 VeriSign, Inc. © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary...

Documents

Transcript of © 2004 VeriSign, Inc. © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary...