Flexible Vetting: Using a point System to Verify Identity. Jesse Rankin & Bert Bee-Lindgren Georgia Tech InCommon Assurance Call May 6, 2015

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Flexible Vetting: Using a point System to Verify Identity. Jesse Rankin & Bert Bee-Lindgren Georgia Tech InCommon Assurance Call May 6, 2015"

Transcription

1 Flexible Vetting: Using a point System to Verify Identity Jesse Rankin & Bert Bee-Lindgren Georgia Tech InCommon Assurance Call May 6, 2015

2 Agenda History Theory Practice Future

3 Vetting at Georgia Tech Self-service password recovery, v1 Same Security for everyone A Google incident cannot lead to a FERPA report GT Registrar Security Question, Shared secret, Repeat è Low success, helpdesk rates still high Pressures to improve Affiliation growth, far beyond students & employees Parents, applicants, guests, alumni, former employees, retirees, online students, etc Competition Beyond kneejerk My bank is easier than this Continuing-education alternatives Separate alumni accounts

4 What we learned Vetting security should be proportional to the account s access verification or Several rounds of questions Or, sometimes, in-person process is required Affiliations approximate security requirements Many password-recovery processes Self Service, IT Helpdesk, Registrar, PE, Delegated Admins Endless conversations can actually lead somewhere General agreement quickly, the rest took 2.5 years

5 Theory: An Approach Assemble questions from many places Enterprise: SIS, HRMS, Data Warehouse Alumni BuzzCard Housing Identity Score the questions Security value Difficulty - Phone (voice/text) - - Address (MC) - Plain answer Security levels assigned to Affiliations & Apps (Vetting disabled for some people)

6 Result: Flexible Vetting SelfService Claiming SelfService Recovery HelpDesk Phone Recovery BuzzCard PhotoID Verification PhotoID Upload Vetting APIs Vetting Points & Rules SIS HRMS... Identity

7 Demo: Start

8 Demo: Account Claiming

9 Account Claiming Demo: Search

10 Vetting Demo: Pick Account

11 Vetting Demo: Phone &

12 Vetting Demo: /Phone PIN

13 Vetting Demo: More Questions

14 Vetting Demo: Success

15 Vetting Demo: Not Enough Points

16 Vetting Demo: PhotoID Upload

17 Vetting Demo: Phone Support

18 Buzzcard Issuance & Vetting Problem: Applicants have lower vetting requirement than Students Accounts don t magically become more secure Solution: Piggyback on BuzzCard process: ID Checking Mark account vetting_strength=100 after Student with PhotoID enters Password

19 BuzzCard Issuance, 3 Steps 1. Photo ID Check Barcoded receipt after PhotoID is checked 2. Kiosk User scans Receipt, enters Account Password 3. BuzzCard Desk Uses receipt, takes picture and prints card

20 Future More data sources Social & InCommon account binding Browser cookies... Alumni: Full vs Partial Access Remote Students Security requirement Compute from Account s privileges (instead of epa) Consider recent authentication requests MFA (NOT: Using token as a recovery question) Lower vetting requirements of MFA-protected accounts? BuzzCard issuance, v3 Phone-a-friend

21 Providing Comments on NIST JACOB FARMER CHAIR, ASSURANCE ADVISORY COMMITTEE

22 Please browse to: h.p://csrc.nist.gov/groups/st/ eauthen:ca:on/sp _call- comments.html Or h.p://1.usa.gov/1cgnc8p (these go to the same page)

23 What schemas for establishing iden:ty assurance have proven effec:ve in providing an appropriate amount of security, privacy, usability, and trust based on the risk level of the online service or transac:on? How do they differen:ate trust based on risk? How is interoperability of divergent iden:ty solu:ons facilitated?

24 Could iden:ty assurance processes and technologies be separated into dis:nct components? If so, what should the components be and how would this provide appropriate level of iden:ty assurance?

25 What innova:ve approaches are available to increase confidence in remote iden:ty proofing? If possible, please share any performance metrics to corroborate increased confidence levels.

26 What privacy considera:ons arising from iden:ty assurance should be included in the revision? Are there specific privacy- enhancing technologies, requirements or architectures that should be considered?

27 What requirements, processes, standards, or technologies are currently excluded from that should be considered for future inclusion?

28 Should a representa:on of the confidence level in a.ributes be standardized in order to assist in making authoriza:on decisions? What form should that representa:on take?

29 What methods can be used to increase the trust or assurance level (some:mes referred to as trust eleva:on ) of an authen:cated iden:ty during a transac:on? If possible, please share any performance metrics to corroborate the efficacy of the proposed methods.

Audio: This overview module contains an introduction, five lessons, and a conclusion.

Audio: This overview module contains an introduction, five lessons, and a conclusion. Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules

More information

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES 1. Federation Participant Information 1.1 The InCommon Participant Operational Practices information below is for: InCommon Participant organization

More information

Business and Process Requirements Business Requirements mapped to downstream Process Requirements. IAM UC Davis

Business and Process Requirements Business Requirements mapped to downstream Process Requirements. IAM UC Davis Business and Process Requirements Business Requirements mapped to downstream Process Requirements IAM UC Davis IAM-REQ-1 Authorization Capabilities The system shall enable authorization capabilities that

More information

Can We Reconstruct How Identity is Managed on the Internet?

Can We Reconstruct How Identity is Managed on the Internet? Can We Reconstruct How Identity is Managed on the Internet? Merritt Maxim February 29, 2012 Session ID: STAR 202 Session Classification: Intermediate Session abstract Session Learning Objectives: Understand

More information

Welcome to the ODE Secure Web Portal User Guide

Welcome to the ODE Secure Web Portal User Guide Welcome to the ODE Secure Web Portal User Guide If you followed the directions below and cannot complete the sign-up process for some reason, please contact the Security Administrator by clicking this

More information

Using YSU Password Self-Service

Using YSU Password Self-Service Using YSU Password Self-Service Using YSU Password Self-Service Password Self-Service Web Interface Required Items: YSU (MyYSU) Directory account, Web browser This guide will assist you with using the

More information

Brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group.

Brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group. IAM Online Brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group. IAM Online is a new monthly series delivering interactive education on

More information

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201. PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize

More information

Update on Identity Management Initiatives: What Are Institutions, Agencies and Federations Doing?

Update on Identity Management Initiatives: What Are Institutions, Agencies and Federations Doing? Update on Identity Management Initiatives: What Are Institutions, Agencies and Federations Doing? Ann West, Michigan Technology University Jackie Charonis, Stanford University Nancy Krogh, University of

More information

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity

More information

Are Passwords Passé?

Are Passwords Passé? Are Passwords Passé? Deployment Strategies for Multifactor Authentication IAM Online December 10, 2014 Mike Grady, Scalable Privacy Project David Walker, Scalable Privacy Project Thank you to InCommon

More information

Step-up-authetication as a service

Step-up-authetication as a service Step-up-authetication as a service Pieter van der Meulen Technical Product Manager For more details see the report at: http://www.surfnet.nl/ Documents/rapport_Step-up_Authentication-as-a- Service_Architecture_and_Procedures_final.pdf

More information

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT Dmitry Barinov SecureKey Technologies Inc. Session ID: MBS-W09 Session Classification: Advanced Session goals Appreciate the superior

More information

AllSeen Summit 2015: IoT: Taking PKI Where No PKI Has Gone Before Presented by: Scott Rea DigiCert Sr. PKI Architect ALLSEEN ALLIANCE

AllSeen Summit 2015: IoT: Taking PKI Where No PKI Has Gone Before Presented by: Scott Rea DigiCert Sr. PKI Architect ALLSEEN ALLIANCE AllSeen Summit 2015: IoT: Taking PKI Where No PKI Has Gone Before Presented by: Scott Rea DigiCert Sr. PKI Architect Agenda Slide Title 3 Trust and PKI 9 Web Security - PKI example 26 Traditional PKI Principles

More information

Employee Active Directory Self-Service Quick Setup Guide

Employee Active Directory Self-Service Quick Setup Guide Employee Active Directory Self-Service Quick Setup Guide (V2.0) Last update: 11/5/2014 Copyright 2014 InfraDog Inc. All rights reserved Corporate Phone: +1 (416) 473-4096, Fax: +1 (888) 863-3936, Email:

More information

HR Deans & Directors Meeting: IAM Update. July 14, 2015 Tuesday 2:00-2:30 p.m. Mass Hall, Perkins Room

HR Deans & Directors Meeting: IAM Update. July 14, 2015 Tuesday 2:00-2:30 p.m. Mass Hall, Perkins Room HR Deans & Directors Meeting: IAM Update July 14, 2015 Tuesday 2:00-2:30 p.m. Mass Hall, Perkins Room Agenda HarvardKey The Benefits Rollout Timeline A Sneak Peek POI Sponsored Affiliations Enhanced Functions

More information

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in InCommon Federation ( Federation ) enables the participant to use Shibboleth identity attribute sharing technologies to manage access

More information

The Benefits of an Industry Standard Platform for Enterprise Sign-On

The Benefits of an Industry Standard Platform for Enterprise Sign-On white paper The Benefits of an Industry Standard Platform for Enterprise Sign-On The need for scalable solutions to the growing concerns about enterprise security and regulatory compliance can be addressed

More information

Business Banking Customer Login Experience for Enhanced Login Security

Business Banking Customer Login Experience for Enhanced Login Security Business Banking Customer Login Experience for Enhanced Login Security User credentials uniquely identify each person who uses the banking platform. The intent of authentication is unequivocal verification

More information

Workday Mobile Security FAQ

Workday Mobile Security FAQ Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy

More information

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication Mobile App Activation Before you can activate the mobile app you must download it. You can have up to

More information

Identity and Access Management (IAM) Roadmap DRAFT v2. North Carolina State University

Identity and Access Management (IAM) Roadmap DRAFT v2. North Carolina State University Identity and Access Management (IAM) Roadmap DRAFT v2 North Carolina State University April, 2010 Table of Contents Executive Summary... 3 IAM Dependencies... 4 Scope of the Roadmap... 4 Benefits... 4

More information

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT Department of Veterans Affairs VA DIRECTIVE 6510 Washington, DC 20420 Transmittal Sheet VA IDENTITY AND ACCESS MANAGEMENT 1. REASON FOR ISSUE: This Directive defines the policy and responsibilities to

More information

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity

More information

Identity and Access Management PI-1 Demo. December 2, 2014 Tuesday 10:00 A.M. 6 Story Street

Identity and Access Management PI-1 Demo. December 2, 2014 Tuesday 10:00 A.M. 6 Story Street Identity and Access Management PI-1 Demo December 2, 2014 Tuesday 10:00 A.M. 6 Story Street Agenda Meeting Purpose and Intended Outcomes (5 min) PI-1 Business Objectives (5 min) Demo: User Data From the

More information

NOAA HSPD-12 PIV-II Implementation October 23, 2007. Who is responsible for implementation of HSPD-12 PIV-II?

NOAA HSPD-12 PIV-II Implementation October 23, 2007. Who is responsible for implementation of HSPD-12 PIV-II? NOAA HSPD-12 PIV-II Implementation What is HSPD-12? Homeland Security Presidential Directive 12 (HSPD-12) is a Presidential requirement signed on August 27, 2004 requiring Federal agencies comply with

More information

Who s There? A Methodology for Selecting Authentication Credentials. VA-SCAN October 5, 2009 Mary Dunker dunker@vt.edu

Who s There? A Methodology for Selecting Authentication Credentials. VA-SCAN October 5, 2009 Mary Dunker dunker@vt.edu Who s There? A Methodology for Selecting Authentication Credentials VA-SCAN October 5, 2009 Mary Dunker dunker@vt.edu Who s There? Driving by your house Do you care? Probably not -- anyone can look 2 Who

More information

Mobile Driver s License Solution

Mobile Driver s License Solution Mobile Driver s License Solution Secure, convenient and more efficient Improved identity protection through secure mobile driver s licenses The introduction of a mobile driver s license is a huge opportunity

More information

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity

More information

Configuration Guide - OneDesk to SalesForce Connector

Configuration Guide - OneDesk to SalesForce Connector Configuration Guide - OneDesk to SalesForce Connector Introduction The OneDesk to SalesForce Connector allows users to capture customer feedback and issues in OneDesk without leaving their familiar SalesForce

More information

Multi-Factor Authentication for your Analytics Implementation. Siamak Ziraknejad VP, Product Management

Multi-Factor Authentication for your Analytics Implementation. Siamak Ziraknejad VP, Product Management Multi-Factor Authentication for your Analytics Implementation Siamak Ziraknejad VP, Product Management 1 Agenda What is Multi-Factor Authentication & Why is it important The Usher Security Badge Badge

More information

Adding Receipts to your Certify Wallet

Adding Receipts to your Certify Wallet Adding Receipts to your Certify Wallet Log into Certify using your full Bowdoin College email address and your password. If you have forgotten your password click on the "Lost Password Wizard" from the

More information

Information Technology Policy

Information Technology Policy Information Technology Policy Identity Protection and Access Management (IPAM) Architectural Standard Identity Management Services ITP Number ITP-SEC013 Category Recommended Policy Contact RA-ITCentral@pa.gov

More information

Vendor Questions. esignatures Request for information InsureSign

Vendor Questions. esignatures Request for information InsureSign InsureSign Vendor Questions 1. Legal Compliance Questionnaire This section corresponds to legal requirements as outlined in the CSIO esignatures Advisory Report prepared by Fasken Martineau LLP. 1. Signing

More information

InCommon Federated Identity Management

InCommon Federated Identity Management InCommon Federated Identity Management www.incommon.org 1 The Problem Growing number of applications on-campus and outsourced or hosted All of these service providers must: Verify the identity of users

More information

Identity and Access Management PI-3 Demo. June 2, 2015 Tuesday 10:00-11:00 a.m. Lamont Forum Room

Identity and Access Management PI-3 Demo. June 2, 2015 Tuesday 10:00-11:00 a.m. Lamont Forum Room Identity and Access Management PI-3 Demo June 2, 2015 Tuesday 10:00-11:00 a.m. Lamont Forum Room Agenda Meeting Purpose and Intended Outcomes PI-3 Business Objectives Demo: HarvardKey User Interface Look

More information

Cloud Security: Yesterday, Today, and Tomorrow

Cloud Security: Yesterday, Today, and Tomorrow Cloud Security: Yesterday, Today, and Tomorrow Presentation by Gunnar Peterson www.arctecgroup.net 2005-9 Arctec Group Everything we think of as a computer today is really just a device that connects to

More information

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services Identity Management Overview Bill Nelson bill.nelson@gca.net Vice President of Professional Services 1 Agenda Common Identity-related Requests Business Drivers for Identity Management Account (Identity)

More information

Biometric Recognition s Role in Identity Management

Biometric Recognition s Role in Identity Management Biometric Recognition s Role in Identity Management Elisa Bertino CS Department CERIAS Purdue University bertino@cs.purdue.edu Dr. Elisa Bertino 1 What is Digital Identity? Digital Identity: Digital identity

More information

Distance Education Policies and Procedures

Distance Education Policies and Procedures Distance Education Policies and Procedures These policies and procedures are designed to ensure Clayton State University compliance with Federal Regulations concerning the definition of distance vs. correspondence

More information

Event and Exam Attendance Made Easy Using Mobile Devices

Event and Exam Attendance Made Easy Using Mobile Devices Event and Exam Attendance Made Easy Using Mobile Devices University of Toronto Mississauga Office of the Registrar July 7 th 2014 Wendy Norman and Cesar A Mejia University of Toronto Full range of undergraduate

More information

All your apps & data in the cloud, all in one place.

All your apps & data in the cloud, all in one place. The Cloud Desktop For Business Unify Your Business IT Experience All your apps & data in the cloud, all in one place. The Cloud Desktop houses all of your organization's applications and data in one easy-to-access

More information

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003 Entrust Secure Web Portal Solution Livio Merlo Security Consultant September 25th, 2003 1 Entrust Secure Web Portal Solution Only the Entrust Secure Web Portal solution provides Security Services coupled

More information

Glossary of Key Terms

Glossary of Key Terms and s Branch Glossary of Key Terms The terms and definitions listed in this glossary are used throughout the s Package to define key terms in the context of. Access Control Access The processes by which

More information

Stephen Hess. Jim Livingston. Program Name. IAM Executive Sponsors. Identity & Access Management Program Charter Dated 3 Jun 15

Stephen Hess. Jim Livingston. Program Name. IAM Executive Sponsors. Identity & Access Management Program Charter Dated 3 Jun 15 Program Name Identity and Access Management (IAM) Implementation IAM Executive Sponsors Jim Livingston Stephen Hess 1 P age Project Scope Project Description The goal of this project is to implement an

More information

Inventory Management and Tracking System. Frequently Asked Questions

Inventory Management and Tracking System. Frequently Asked Questions Inventory Management and Tracking System System Information Frequently Asked Questions 1. What is IMATS? 2. What is IMATS Connect? 3. How was IMATS developed? 4. I already have an inventory management

More information

A unique biometrics based identifier, such as a fingerprint, voice print, or a retinal scan; or

A unique biometrics based identifier, such as a fingerprint, voice print, or a retinal scan; or SBA Procedural Notice TO: All SBA Employees CONTROL NO.: 5000-1323 SUBJECT: Acceptance of Electronic Signatures in the 7(a) and 504 Loan Program EFFECTIVE: 10/21/14 The purpose of this Notice is to inform

More information

Vetting, Proofing and Registration Focus Group

Vetting, Proofing and Registration Focus Group Vetting, Proofing and Registration Focus Group Group Participants Masume Assaf, University Office of International Programs Jason Gilham, University Outreach Paula Hamaty, University Outreach Tom Irwin,

More information

Innovations in Digital Signature. Rethinking Digital Signatures

Innovations in Digital Signature. Rethinking Digital Signatures Innovations in Digital Signature Rethinking Digital Signatures Agenda 2 Rethinking the Digital Signature Benefits Implementation & cost issues A New Implementation Models Network-attached signature appliance

More information

Element. Payment Processing. Integration of Element. using N-Site Applications 7/12/2011

Element. Payment Processing. Integration of Element. using N-Site Applications 7/12/2011 Element Payment Processing Integration of Element Payment Processing using N-Site Applications 7/12/2011 Copyright 2011 Ideal Software Systems, Inc., All Rights Reserved Element Payment Processing Integration

More information

Implementing two-factor authentication: Google s experiences. Cem Paya (cemp@google.com) Information Security Team Google Inc.

Implementing two-factor authentication: Google s experiences. Cem Paya (cemp@google.com) Information Security Team Google Inc. Implementing two-factor authentication: Google s experiences Cem Paya (cemp@google.com) Information Security Team Google Inc. Google services and personalization Identity management at Google 1. Internal

More information

Canadian Access Federation: Trust Assertion Document (TAD)

Canadian Access Federation: Trust Assertion Document (TAD) Participant Name: McGill University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert

More information

Multi-Factor Authentication: All in This Together

Multi-Factor Authentication: All in This Together Multi-Factor Authentication: All in This Together Host: Tom Barton, University of Chicago Speakers: IAM Online September 11, 2013 Eric Goodman, University of California Office of the President Mike Grady,

More information

Identity Access Management IAM 101. Mike Conlon Director of Data Infrastructure mconlon@ufl.edu

Identity Access Management IAM 101. Mike Conlon Director of Data Infrastructure mconlon@ufl.edu Identity Access Management IAM 101 Mike Conlon Director of Data Infrastructure mconlon@ufl.edu 1 Three Processes Identity Answers the question Who is in our environment? Authentication Answers the question

More information

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014 Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent

More information

INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION

INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Information security is a critical issue for institutions of higher education (IHE). IHE face issues of risk, liability, business continuity,

More information

U.S. Department of State, Selects Syclo SMART Mobile Suite For Maximo

U.S. Department of State, Selects Syclo SMART Mobile Suite For Maximo U.S. Department of State, Selects Syclo SMART Mobile Suite For Maximo Presented by: Charles Kalajian Syclo, Federal Account Executive Steve Hamilton Syclo, Vice President of Sales John Bainbridge U.S.

More information

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics Jan Krhovják Outline Introduction and basics of PIV Minimum

More information

Table of Contents How to Use Portalguard

Table of Contents How to Use Portalguard Table of Contents How to Use Portalguard Overview... 2 What s Covered in this User Guide?... 2 Password Basics... 2 How do I change my password with Portalguard?... 3 I ve Forgotten My Password. How Do

More information

What s it all about? SAFE-BioPharma Association

What s it all about? SAFE-BioPharma Association What s it all about? SAFE-BioPharma Association Topics! ONC HIT Standards Committee! ASTM Standards 2 SAFE-BioPharma Association ONC HIT Standards Committee! Oct 21 st meeting Security & Privacy Consumer

More information

June 5, 2013 Ken Klingenstein. Identity Management, the Cloud, NSTIC and Accessibility

June 5, 2013 Ken Klingenstein. Identity Management, the Cloud, NSTIC and Accessibility June 5, 2013 Ken Klingenstein Identity Management, the Cloud, NSTIC and Accessibility Identity Management, the Cloud, NSTIC and Accessibility Contents Internet Identity Today Two types of cloud use cases

More information

Multi-Factor Authentication Job Aide

Multi-Factor Authentication Job Aide To start your account configuration and begin using Multi-Factor Authentication, log in to the CCHMC Multi-Factor Authentication User Portal at https://mfa.cchmc.org/multifactorauth. For assistance, please

More information

University of Maryland Active Directory Policies

University of Maryland Active Directory Policies University of Maryland Active Directory Policies Purpose of this policy Scope AD Forest Forest Schema & Data Visibility Account and Group Synchronization Account Creation and Password Forest Security Principle

More information

Georgia Tech Active Directory Policy

Georgia Tech Active Directory Policy Georgia Tech Active Directory Policy Policy No: None Rev 1.1 Last Revised: April 18, 2005 Effective Date: 02/27/2004 Last Review Date: April 2005 Next Review Date: April 2006 Status Draft Under Review

More information

Deriving a Trusted Mobile Identity from an Existing Credential

Deriving a Trusted Mobile Identity from an Existing Credential Deriving a Trusted Mobile Identity from an Existing Credential Exploring and applying real-world use cases for mobile derived credentials +1-888-690-2424 entrust.com Table of contents Approval of the mobile

More information

IT Transformation Program. Update 14 April 2004

IT Transformation Program. Update 14 April 2004 IT Transformation Program Update 14 April 2004 Key points: 1. The IT model is client-centric. 2. We meet the needs of faculty, staff & students by providing a portfolio of defined, intuitive, managed services.

More information

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Feature and Technical Overview Published: 2010-06-16 SWDT305802-1108946-0615123042-001 Contents 1 Overview: BlackBerry Enterprise

More information

SpringCM Troubleshooting Guide for Salesforce

SpringCM Troubleshooting Guide for Salesforce SpringCM Troubleshooting Guide for Salesforce July 2013 TABLE OF CONTENTS FAQS:... 3 WHY DID I NOT RECEIVE A SPRINGCM ACTIVATION EMAIL?... 3 WHY DON T MY SALESFORCE USERS HAVE ACCESS TO SPRINGCM?... 3

More information

Securing Adobe PDFs. Adobe - Certified Document Services Registration Authority (RA) Training. Enterprise Security. ID Verification Services

Securing Adobe PDFs. Adobe - Certified Document Services Registration Authority (RA) Training. Enterprise Security. ID Verification Services Web Security Enterprise Security ID Verification Services Signing Services Securing Adobe PDFs Adobe - Certified Document Services Registration Authority (RA) Training Introduction to CDS Certified Document

More information

Dundalk Institute of Technology. Password Standard. Version 1.0.2

Dundalk Institute of Technology. Password Standard. Version 1.0.2 Dundalk Institute of Technology Password Standard Version 1.0.2 Password Standard 1 Document Location..\DkIT_Policy_Documents\Standards and Guidelines Revision History Date of this revision: Date of next

More information

Invest in security to secure investments. Breaking SAP Portal. Dmitry Chastuhin Principal Researcher at ERPScan

Invest in security to secure investments. Breaking SAP Portal. Dmitry Chastuhin Principal Researcher at ERPScan Invest in security to secure investments Breaking SAP Portal Dmitry Chastuhin Principal Researcher at ERPScan 1 About ERPScan The only 360- degree SAP Security solu8on - ERPScan Security Monitoring Suite

More information

StarID Self Service Functions

StarID Self Service Functions Last updated: 6/12/2013 Send questions and suggestions to: Administrator.IAM@so.mnscu.edu Contents StarID support documentation... 3 StarID Web Site: starid.mnscu.edu... 4 Activate and Forgot Functions

More information

Finance Office. Related Website: https://www.wellsfargo.com/com/

Finance Office. Related Website: https://www.wellsfargo.com/com/ Finance Office Related Website: https://www.wellsfargo.com/com/ Table of Contents Introduction... 3 Cardholder Responsibility... 3 Getting Started... 3 Login... 3 Creating a New Pass Phrase... 4 Answering

More information

Attachment Y SaaS ITSM Demonstration and Scenarios

Attachment Y SaaS ITSM Demonstration and Scenarios Attachment Y SaaS ITSM Demonstration and Scenarios Demonstration and Oral Presentation Agenda In accordance with Section 1.16 of the RFP, each Presenter will be provided a 3 hour time period to discuss

More information

How to pull content from the PMP into Core Publisher

How to pull content from the PMP into Core Publisher How to pull content from the PMP into Core Publisher Below you will find step-by-step instructions on how to set up pulling or retrieving content from the Public Media Platform, or PMP, and publish it

More information

- S&I Framework Overview - 7/9/2015

- S&I Framework Overview - 7/9/2015 - S&I Framework Overview - 7/9/2015 Agenda Background on USPS Health Connect Key components leveraged in the solution Identity & Authentication Electronic Postmark Directed Exchange Demo of a Health Connect

More information

FAQ Golf Canada Score Centre

FAQ Golf Canada Score Centre FAQ Golf Canada Score Centre Customer Support Golf Canada is dedicated to offering the best customer support possible. Our goal is to respond to all requests within 24 hours. To receive customer support,

More information

Voice Authentication On-Demand: Your Voice as Your Key

Voice Authentication On-Demand: Your Voice as Your Key Voice Authentication On-Demand: Your Voice as Your Key Paul Watson, Vice President Relationship Technology Management Voice Search Conference March 2-4, 2009 Convergys Corporation A Global Leader in Relationship

More information

Teacher Activities Page Directions

Teacher Activities Page Directions Teacher Activities Page Directions The Teacher Activities Page provides teachers with access to student data that is protected by the federal Family Educational Rights and Privacy Act (FERPA). Teachers

More information

2-FACTOR AUTHENTICATION WITH

2-FACTOR AUTHENTICATION WITH 2-FACTOR AUTHENTICATION WITH 2X JUNE 2014 Two-Factor Authentication and Authy What is Two-Factor Authentication? Two-Factor Authentication is a process involving two stages to verify the identity of someone

More information

Mobile Device as a Platform for Assured Identity for the Federal Workforce

Mobile Device as a Platform for Assured Identity for the Federal Workforce Mobile Device as a Platform for Assured Identity for the Federal Workforce Dr. Sarbari Gupta President and CEO, Electrosoft U.S. Army Information Technology Agency (ITA) Security Forum Fort Belvoir Electrosoft

More information

NISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference - 2013

NISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference - 2013 NISTIC Pilot - Attribute Exchange Network Biometric Consortium Conference - 2013 Market Development Startup (2011) Unrealized Large Market Potential Evolving Value Props & Use-Cases Evolving Tech/Policy

More information

Security Best Practices for Microsoft Azure Applications

Security Best Practices for Microsoft Azure Applications Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT Service Lines Application Security Infrastructure

More information

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.

More information

Identity and Access Management Technical Oversight Committee

Identity and Access Management Technical Oversight Committee Identity and Access Management Technical Oversight Committee March 12, 2015 Thursday 1:00-2:00 p.m. 6 Story Conference Room Agenda Meeting Purpose and Intended Outcomes Approval of Previous Minutes (5

More information

p@$5w0rd??_ 300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you

p@$5w0rd??_ 300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you Freja is an innovative solution to one of the biggest problems in the Internet era: How do you securely manage identities, access and credentials for a large number of users without costs going haywire?

More information

Authentication Tokens

Authentication Tokens State Capitol P.O. Box 2062 Albany, NY 12220-0062 www.its.ny.gov New York State Information Technology Standard IT Standard: Authentication Tokens No: NYS-S14-006 Updated: 05/15/2015 Issued By: NYS ITS

More information

Helpdesk 1-414-566-6740 Helpdesk@qg.com

Helpdesk 1-414-566-6740 Helpdesk@qg.com Introduction You have been identified as a Direct Marketing remote access user with the potential to access Customer Data. Direct Marketing customer requirements have mandated that Quad/Graphics associates

More information

SSO Case Study: The USPS Gives SSO Its Stamp of Approval. May 10, 2005. Wayne Grimes, Manager, Customer Care Operations, USPS

SSO Case Study: The USPS Gives SSO Its Stamp of Approval. May 10, 2005. Wayne Grimes, Manager, Customer Care Operations, USPS SSO Case Study: The USPS Gives SSO Its Stamp of Approval Wayne Grimes, Manager, Customer Care Operations, USPS May 10, 2005 Today s topics An overview of the USPS USPS SSO efforts Lessons we learned along

More information

RSA SecurID Certified Administrator (RSA Authentication Manager 8.0) Certification Examination Study Guide

RSA SecurID Certified Administrator (RSA Authentication Manager 8.0) Certification Examination Study Guide RSA SecurID Certified Administrator (RSA Authentication Manager 8.0) Certification Examination Study Guide Introduction The RSA SecurID Certified Administrator (CA) examination is based on the critical

More information

Business Online Banking Quick Users Guide

Business Online Banking Quick Users Guide Business Online Banking Quick Users Guide Business Online Banking Quick Users Guide Table of Contents Overview 2 First Time Login 2 Security 4 Contact Points 4 Registering your Browser / Computer 5 Adding,

More information

Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal

Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal This Application Note provides instructions for configuring Apps settings on the Cisco OnPlus Portal and Autotask application settings

More information

BlackShield ID Agent for Remote Web Workplace

BlackShield ID Agent for Remote Web Workplace Agent for Remote Web Workplace 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication may be reproduced,

More information

COMPUTER SERVICES HELP DESK USING METRICS FOR BUSINESS PROCESS IMPROVEMENT

COMPUTER SERVICES HELP DESK USING METRICS FOR BUSINESS PROCESS IMPROVEMENT EXECUTIVE SUMMARY This document provides an overview of how the Computer Services Help Desk utilizes metrics and other types of assessment tools in making data-driven decisions on how to improve its business

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

Soft tokens for SMS PASSCODE SMS PASSCODE 2014

Soft tokens for SMS PASSCODE SMS PASSCODE 2014 SMS PASSCODE 2014 Table of Contents Configuring SMS PASSCODE for soft tokens... 3 Pre-requisites... 3 Enabling token support in SMS PASSCODE... 3 Creating a Token Policy... 3 Create a new User Group Policy

More information

Federated Identity Management Checklist

Federated Identity Management Checklist Federated Identity Management Checklist This document lists the minimum (marked with an *) and recommended policy, process, and technical steps required to implement Federated Identity Management and operate

More information

U.S. Department of Veterans Affairs / Department of Defense. October 14-18, 2013

U.S. Department of Veterans Affairs / Department of Defense. October 14-18, 2013 October 14-18, 2013 1 ebenefits Briefing Training Objectives ebenefits overview Obtain Premium account 2 ebenefits Briefing Overview The ebenefits portal (www.ebenefits.va.gov) is a joint Department of

More information

Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch

Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch www.csnc.ch What

More information

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Human Resource (HR) and Security Awareness v1.0 September 25, 2013

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Human Resource (HR) and Security Awareness v1.0 September 25, 2013 DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Human Resource (HR) and Security Awareness v1.0 September 25, 2013 Revision History Update this table every time a new edition of the

More information