© 2004 verisign, inc. © copyright 2004 verisign, inc. all rights reserved – verisign proprietary...
TRANSCRIPT
© 2004 VeriSign, Inc.
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Intelligent Infrastructure Services
Gabriel Dusil
VeriSign, Inc.
Date: December 14, 2004
2 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
The Transformational Infrastructures
+ VeriSign operates intelligent infrastructure services that enable businesses and people to find, connect, secure, and transact across today’s complex, global networks+ Intelligent Infrastructure is a new category, and the centerpiece of both our
strategy and our external positioning
Internet
21st CenturyRailroads
19th CenturyIntercontinental Air Transport,
Electric Grids, Communications Networks
20th Century
3 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Networks
Devices
Content & Applications
Users
Addressing these challenges is key to developing new revenue streams and mitigating issues of cost, compliance, and complexity
The Migration Drives a New Set of Requirements
Interoperability
SecurityReliability
Adaptability
Scalability
Visibility
Wireless, WAN, Broadband,LANWireless, WAN, Broadband,LAN
Music, Video, Collaboration, Messaging, CommerceMusic, Video, Collaboration, Messaging, Commerce
Phones, RF Tags, Modems,PCs, Server, Routers/SwitchesPhones, RF Tags, Modems,PCs, Server, Routers/Switches
Government, Businesses,Service Providers, ConsumersGovernment, Businesses,Service Providers, Consumers
4 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Our solution: intelligent infrastructure services
Networks
Devices
Wireless, WAN, Broadband,LANWireless, WAN, Broadband,LAN
Phones, RF Tags, Modems,PCs, Server, Routers/SwitchesPhones, RF Tags, Modems,PCs, Server, Routers/Switches
Content & Applications
Users
Music, Video, Collaboration, Messaging, CommerceMusic, Video, Collaboration, Messaging, Commerce
Government, Businesses,Service Providers, ConsumersGovernment, Businesses,Service Providers, Consumers
5 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Capture Key Verticals & Major Accounts
Public Sector
Financial Services Telecommunications Utilities
Healthcare
6 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
VeriSign’s Global Security Infrastructure
+Large and expanding International client base: Examples: International Power Company, Global Manufacturing, Fortune 500 Financials, International Telco+Global Infrastructure: Security Operations Centers: Providence, RI, Mountain View, CA, Geneva, Sydney (Q4-2004) & Tokyo (2005)
DullesProvidence
Waltham
Japan 1H 05
Mountain View
Australia2H 04
Geneva
1H 04
+Global Customer Base: 3500 MSS Devices under management+Global Security Consulting & Managed Security Services: 100 Consultants, 175 MSS employees, 40 Pre-Sales Support
7 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Datamonitor on PKI ROI
Point of Investment
Point of Investment
End ofYear 1End ofYear 1
End ofYear 2End ofYear 2
Positive ROI on
PKI
Positive ROI on
PKI
Increased eBusiness
Involvement
Increased eBusiness
Involvement
Returnon PKIReturnon PKI
Number of PKI enabled business processes
Number of PKI enabled business processes
Cost of PKI Solution
Cost of PKI Solution
End ofYear 3End ofYear 3
Re
ven
ue
&
Pro
du
cti
vit
yR
ev
enu
e &
P
rod
uc
tiv
ity
8 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
eSecurity - Protection of Revenue…
+ Down Time = € €+ Lost revenue depends on Industry
+ Repair Time = € € €+ Forensics takes 10 times longer
than the actual attack
+ Public Image & Credibility = € € € €+ How much value to you associate
with maintaining Trust with your customers
+ If an Internet Banking site is defaced by a hacker would you want to keep your money there?
+Loss of Data = € € € € € €+ Is information restorable+ Did confidential information fall into the
wrong hands?
+Legal Liabilities = € € € € €+ How liable are you if your network is
compromised?
+Relative cost of training to recover from an attack = €
9 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Fear, Uncertainty and Doubt (FUD)!
+The question is, “How much money could I potentially lose, if I don’t implement Security?”
+ Security guards+ protects our premises from burglars
+ Installing video surveillance (CCTV) + protects our equipment and employees from
burglars+ Installing Virus scanning
+ protects our data from viruses, Trojan horses, & worms
+ Installing firewalls & Intrusion Detection Systems
+ protects our data from Hackers+ Installing UPS
+ protects our facilities & IT from Lighting Strikes and Power surges, and Blackouts.
+ Implementing Virtual Private Networks+ protects our communication infrastructure from
hackers
+Public Key Infrastructure+ Protects data Integrity
+ Protecting User Identity
+ Establishes Trust
+ Maintains Confidentiality
+ Ensuring Non-Repudiation
+ …from Internal, as well as External threats.
10 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
So Where is the ROI in PKI?
+PKI transcends traditional Security Solutions+Utilizing PKI is not only about saving money, it’s about making money! PKI Enables…
+ Confidentiality, Integrity, & Authentication+ For Devices, Users, and Internet Companies
+ eCommerce+ Payment services, B2C, eOrdering
+ Work flow+ eProcurement, B2B, Supply Chain, ERP (Enterprise Resource
Planning)
+ VPN services+ Allows scalability of VPN’s, and the Internet to access private
resources
+ Enables Electronic Document processing+ eContracts, paperless office, eVoting, eTax returns
11 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Financial Pains
+ Increased risk of Fraud
+ Phishing attacks
+ Streamlining internal processes+ ensuring timely availability of
information at multiple levels
+ Business and ROI rationalization+ For online banking technologies, due to
past initiatives not meeting expectations
+ Struggling to develop a Multi-channel approach
+Increased Credit Risk (eg. Worldcom/Enron, 3G licenses)
+Lack of Integration with back-end & CRM
+Ensuring privacy and security of financial transactions
12 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Solutions
+ Customer Centricity+ Lifetime loyalty is diminishing+ Service quality to drive Customer
Centricity
+ Infrastructure Resilience+ Effect of Sept. 11th on business
continuity (eg. Disaster recovery)+ Quick response to attacks (eg. Code
Red & Nimda viruses)+ 24x7 requirements for online security
threats.+ Customer and supplier focus on
security
+ Regulation & Compliance + Conformance to Signature Directives+ Data Protection (Privacy)
+Reduce cost of administration+ Single-Action management+ Reduce training costs
+Cost Reduction through outsourcing
+Reduce cost to help desk operations+ Self-care interfaces for password
management+ Faster time to value
+ Web interfaces
+Contain cost due to growth of resources and user churn
+ Centralized policy based access control management
+ Centralized user management+ Toolkits for expandability
13 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
PKI Enables Banking Applications
Access ControlAccess ControlCredit RequestCredit RequestView BalanceView BalanceBill PaymentBill Payment
Funds TransferFunds TransferCheque OrderingCheque Ordering
ID & PasswordID & PasswordID & PasswordID & PasswordAccess ControlAccess ControlCredit RequestCredit RequestView BalanceView BalanceBill PaymentBill Payment
Funds TransferFunds TransferCheque OrderingCheque Ordering
PKI & Digital CertificatesPKI & Digital CertificatesPKI & Digital CertificatesPKI & Digital Certificates
Large Funds TransferLarge Funds TransferContract or Agreement SigningContract or Agreement Signing
New Services (Credit, Loans, Cards)New Services (Credit, Loans, Cards)Transaction Signing (non-RepudiationTransaction Signing (non-Repudiation
Reset Password (Authentication)Reset Password (Authentication)AAA: Authentication & AccountingAAA: Authentication & Accounting
Reduced Fraud & Liability RiskReduced Fraud & Liability RiskSecure Disclosure (“I Agree” eSignature)Secure Disclosure (“I Agree” eSignature)
Automated Services (Change of Address)Automated Services (Change of Address)
Receipt AcknowledgementReceipt Acknowledgement
Rev
enu
e O
pp
ort
un
itie
sR
even
ue
Op
po
rtu
nit
ies
Rev
enu
e O
pp
ort
un
itie
sR
even
ue
Op
po
rtu
nit
ies
14 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Critical Business Issues
Before VeriSign: Opening an Online Brokerage AccountBefore VeriSign: Opening an Online Brokerage Account
Account Set Up
Potential Client Potential Client Goes Online to Goes Online to
Set Up Set Up Brokerage Brokerage AccountAccount
Prints Out Prints Out FormsForms
Completes and Completes and Signs FormsSigns Forms
Mails Forms to Mails Forms to BankBank
Bank Does Bank Does Credit CheckCredit Check
Bank Mails Bank Mails Member Member
AgreementAgreement
Client Mails in Client Mails in Check to Open Check to Open
AccountAccount
Elapsed Time - Elapsed Time - WeeksWeeksElapsed Time - Elapsed Time - WeeksWeeks
15 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
UnanticipatedConsequences
Bank’s Goals
Grow CustomerBase
Grow CustomerBase
Reduce Costof OperationsReduce Costof Operations
Business Consequences
80% Drop off rate: customers frustrated
with process
80% Drop off rate: customers frustrated
with process
Paper-intensive, mailing costs, etc.Paper-intensive,
mailing costs, etc.
16 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
A Track Record of Success
+Return On Investment (ROI)+ 120K new customers
+ Higher Security = Service Value
+ 90% reduction in activation time
+ Reduced errors in data processing
After VeriSign: Opening After VeriSign: Opening an Online Brokerage an Online Brokerage
AccountAccount
Potential Client Goes Potential Client Goes Online to Set Up Online to Set Up
Brokerage AccountBrokerage Account
Client enters info Client enters info into web siteinto web site
Electronic Electronic Bank Credit Bank Credit
checkingchecking
Approved client Approved client receives digital receives digital
certificatecertificateClient
trading
Elapsed Time - Elapsed Time - 3-5 minutes3-5 minutesElapsed Time - Elapsed Time - 3-5 minutes3-5 minutes
17 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Grow online brokerage business by enabling secure online transactions
Simplify account set-up process Dramatically reduce 80% abandonment rate
Business ChallengeBusiness Challenge
Digital certificates issued by Barclays to all online clients Leveraging VeriSign’s global PKI service Design and implementation of fully automated account set up
process
VeriSign SolutionVeriSign Solution
Reduced account set-up time from weeks to minutes Acquired 125,000 clients in one year Increased online trading volume by 10X
ResultsResults
Managed PKI Service
18 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Banking Communities Chain using Digital Certificates
Brokerage Brokerage CommunityBrokerage Brokerage
CommunityBanking
CommunityBanking
CommunityInsurance
CommunityInsurance
Community
Digital Certificates
Po
rtal
Po
rtal
Po
rtal
Po
rtal
AuthenticationAuthenticationAuthenticationAuthentication
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
What if the CA were compromised?
+ Company or Individual Credentials (Certificates) would no longer be trusted
+Email may contain malicious code
+Malicious Software could be distributed+ (Code Signing)
+Certificates may not represent the device, user, or company
+non-repudiation is compromised+ Electronic signatures are not valid
+Fraudulent transactions could occur
+Unauthorized access to confidential resources
+Must ensure that someone (eg. Hacker, Competitor, etc) can not issue certificates on behalf of the CA.
CompanyCompanyPublic RootPublic Root
CompanyCompanyCA #1CA #1
CompanyCompanyCA #3CA #3
CompanyCompanyCA #2CA #2
Public Class 2Public Class 2
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Protecting Integrity of the Certificate Authority
+ We need to ensure CA integrity+ Protection of the CA’s private key,
Certificates, Stored Keys, Digital Notarization, Revocation Lists
+ Why is CA Trust so Important?+ The user can be sure the certificate is
genuine+ CA has established Infrastructure to
ensure Trust+ The CA becomes a Trusted Third Party
in Legal issues
CompanyCompanyRootRoot
DivisionDivision#1#1
DivisionDivision#3#3
DivisionDivision#2#2
VeriSignVeriSign
22 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Why a Co-Managed Approach?
+ Allow customer to focus on their core business+ Minimize purchase of hardware & software+ Reduce Total Cost of Ownership+ Avoid Hidden costs of managing your own network security+ Transfer Liability to a third party+ Co-Management allows for seamless scalability+ Move the “blue collar” role to the TTP and take on a “white collar”
approach to certificate management+ Faster response to regulation conformance+ Transfer responsibility of technology upgrades to the TTP
+ Reduces additional training, hardware, and software investments+ Customers Still Have full Control
+ *TTP = Trusted Third Party
23 © Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Is your Trusted Third Party
© 2004 VeriSign, Inc.
© Copyright 2004 Verisign, Inc. All Rights Reserved – VeriSign Proprietary and Confidential
Intelligent Infrastructure Services
Gabriel Dusil
VeriSign, Inc.
Date: December 14, 2004