Tag Archives: Verizon

U.S. Secret Service & Verizon to Join Forces on 2010 Data Breach Investigations Report

As part of its continuing effort to better understand security breaches and how they can be prevented, Verizon is joining forces with the United States Secret Service on this year’s Data Breach Investigations Report.

The 2010 DBIR, slated to be issued this summer, will feature aggregated findings from Verizon’s own caseload as well as hundreds of computer crime cases investigated by the Secret Service, in a first-of-its-kind collaboration.

By including Secret Service data, Verizon security researchers expect to gain a unique perspective on data breaches, including what happens after a breach to identify suspects, make arrests, and extradite foreign nationals, and how cybercriminals are prosecuted, among other new findings.

“Verizon is significantly broadening the scope of the 2010 DBIR to gain new insight into how data breaches occur, especially in the consumer sector,” said Peter Tippett, vice president of technology and innovation for Verizon Business. “With a greatly expanded dataset, this year’s report will give a more accurate picture of data breaches around the globe while delving into new areas in an effort to better arm organizations worldwide in the fight against cybercrime.”

Verizon Enterprise Risk and Incident-Sharing Framework at Work
In cooperation with Verizon, the Secret Service is using the Verizon Incident Sharing, or VERIS, framework — a not-for-profit, open-source structure to describe security incidents — to classify and analyze its 2009 breaches. Earlier this year, Verizon began publicly sharing this research framework, which the company uses to collect and analyze security-incident data for its landmark data breach investigations reports.

The VERIS framework will enable Verizon security researchers to compare the Secret Service’s caseload data with Verizon’s historical dataset to gain a better understanding of how security breaches occur and what can be done to better manage risk.

“Combating computer-related crimes targeting the U.S. financial infrastructure is a top Secret Service priority,” said Secret Service Assistant Director for Investigations Michael Merritt. “We are proud to partner with our colleagues in the private sector, academia and at all levels of government to better identify and prevent these insidious attacks.”

About United States Secret Service
The U.S. Secret Service has taken a lead role in mitigating the threat of financial crimes since the agency’s inception in 1865. As technology has evolved, the scope of the U.S. Secret Service’s mission has expanded from its original counterfeit currency investigations to also include emerging financial crimes alongside its protective mission. As a component agency within the U.S. Department of Homeland Security, the U.S. Secret Service has established successful partnerships in both the law enforcement and business communities – across the country and around the world – in order to effectively combat financial crimes.

Verizon and IBM Launch Private Cloud-Based Managed Data Protection Solution

With businesses looking more closely than ever at the economics of cloud computing, Verizon and IBM have expanded their relationship to deliver Managed Data Vault – a new private cloud service that provides secure, quick and reliable daily backups, and fast recovery of enterprise information.

Available from both companies, the new solution is designed to automatically transfer data from a client location to a specially designed off-site data center via Verizon’s secure high-speed private network. With Managed Data Vault, businesses can realize off-site data protection at onsite speeds while taking advantage of usage-based utility to meet data growth without limits.

Many companies today still transport their backup tapes by truck to an off-site location – a process that has proven to be a slow and unreliable approach to archiving – adding security concerns, time, complexity and cost to the data protection process.

“Through this exclusive relationship with IBM we are meeting a void in the online data protection market,” said Kerry Bailey, chief marketing officer for Verizon Business. “We know that enterprise clients struggle with how to efficiently back up and restore data securely while mitigating the inherent risks such as loss of data. By working with IBM as part of our overall cloud strategy, we are bringing to market an innovative solution that will help our clients maintain the stability of their business.”

Don DeMarco, IBM vice president of Business Continuity and Resiliency Services, said: “Managed Data Vault offers a broad array of enterprise data protection, not just for files, but for very large data stores and transactional data base content. Today, enterprises have different ways to address specific scenarios. Managed Data vault is a single, secure solution to help clients retrieve a file, restore a device, or recover from a serious outage emergency. Working with Verizon, we are addressing the needs of enterprise users with large data footprints, whether it’s 15, 50, 150 terabytes or even more.”

According to industry experts, the global backup and restore market will grow by about 4 percent annually and is currently sized at nearly $3 billion.

Managed Data Vault Ideal for Discriminating Companies
Verizon and IBM will leverage each other’s complementary capabilities to deliver the new solution. Verizon will provide its suite of leading global private data network solutions along with data center expertise, IT consulting services and application-aware capabilities, which give visibility into utilization and latency. IBM will supply backup infrastructure and management capabilities, supported by its extensive information protection expertise and more than 40 years experience in business continuity and resiliency.

“Partnerships are truly strategic when each party brings a different value proposition to the table,” said Melanie Posey, research director at IDC. “The combination of Verizon’s secure networking expertise and data center capabilities and IBM’s long history of providing electronic data management and protection solutions yields a unique end-to-end backup and recovery solution that is integrated with an enterprise’s existing wide-area network environment and fully managed in the cloud.”

Ideal for global enterprises with stringent security and performance requirements, Managed Data Vault is an excellent match for the financial, retail and health care services markets. The service is well-suited to a diverse mixture of applications, databases and operating system (OS) support services and comes complete with IT consulting services support to help organizations manage through this process.

This solution will initially be available to Verizon and IBM clients in the New York City metropolitan area.

Converged IP and IT Services Via a Cloud-Based Model
Verizon is leading the industry toward an “everything-as-a-service” (EaaS) model where cloud-based converged solutions are securely delivered through managed and professional services over the company’s global IP network. Verizon is assembling the key components of that unique and powerful approach to serving enterprises, and its new agreement with IBM is one more step in that evolution. The EaaS platform – with Verizon’s global IP network and data centers as its foundation — will enable enterprises to do business better by getting what they need, when they need it, where they need it.

DNIS billing vs LRN billing

One issue facing a lot of SIP providers today is over the last month an increasing number of carriers now bill for calls based on LRN (Local Routing Number) where they were previously billing based on DNIS digits (Dialed Number Identification Service).

The move from DNIS-based billing to LRN-based billing creates multiple issues for the SIP provider, but there are a couple that we encounter most frequently.

Over the last few months several wholesale VoIP carriers have switched from billing based on DNIS digits (Dialed Number Identification Service) to LRN based billing (Local Routing Number). LRN based billing uses local number portability data and that is causing some serious issues for SIP VoIP providers.

The main issue encountered is that many SIP providers do not have a billing system that is capable of LRN-based billing. Billing is very demanding on a day to day basis and most SIP providers do not want the added burden of either transforming or upgrading a billing system from DNIS-based billing to LRN-based billing.

Line-provider is now offering it’s LRN database dipping service to new customers. It can be accessed via Direct Mysql query,MS SQL server query, SIP call access & code 302 return with LRN in the SIP header, or via a DNS lookup.

ISO/IEC 17025 accreditation for Verizon’s ICSA Labs

verizon business

ICSA Labs, an independent division of Verizon Business, is the first independent security-product testing and certification laboratory to earn ISO/IEC 17025 accreditation, validating the laboratory’s world-class capabilities.

As the primary standard used to evaluate testing and calibration laboratories, ISO/IEC 17025 assesses a laboratory’s management and technical capabilities, including the operational effectiveness of its quality-management system and its policies, objectives and processes. The standard also evaluates staff competence and testing methodologies.

“ISO/IEC 17025 enhances the credibility of a laboratory by providing verification of quality-management systems and technical competence,” said Keith Greenaway, vice president at ANSI-ASQ National Accreditation Board / ACLASS, which provides laboratory accreditation for the standard. “By achieving this accreditation, ICSA Labs demonstrated that it maintains a quality-management system and is technically competent and able to produce valid and internationally accepted test results. This is the first commercial security product testing lab that we have accredited – a major accomplishment for ICSA Labs.”

To earn ISO/IEC 17025 accreditation, a laboratory must also comply with the strict quality-management system requirements contained in ISO 9001. ICSA Labs earned ISO/IEC 9001 certification in 2005.

The ISO/IEC 17025 accreditation is subject to reaccreditation every two years.

ICSA Labs, which for 20 years has produced reliable, accurate and objective test results, also as part of the ACLASS accreditation became the first laboratory recognized under the new NIST (National Institute of Standards and Technology) USGv6 Testing Program. The program helps to verify the security, conformance and interoperability of IPv6 products used by the U.S. federal government.

About ICSA Labs
ICSA Labs, an independent division of Verizon Business, offers vendor-neutral testing and certification of security products. Many of the world’s top security vendors submit their products for testing and certification at ICSA Labs. Businesses rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability.