Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Tim Callan is vice president for SSL product marketing at VeriSign, a Mountain View, CA-based company engaged in “intelligent infrastructure.” It operates a diverse array of network infrastructure, including two of the Internet’s thirteen root nameservers, the generic top-level domains for .com and .net, one of the largest SS7 signaling networks in North America, the RFID directory for EPCGlobal and a variety of security and telecom services.

Callan ensures the effectiveness of customer outreach for all aspects of VeriSign’s SSL business. The company says his frequent contact with customers, technologists and industry insiders “leaves him uniquely positioned to view and comment on the cutting edge of industry and technology trends with an eye to the customer’s perspective.” In his spare time, Callan is an award-winning author of short fiction and a festival-screened independent filmmaker. In the second of a two-part interview, GlobeSt.com asks Callan about some of the potential risks computer users can encounter online.

GlobeSt.com: What risks can employees inadvertently create for a company, such as surfing to fraud sites during their lunch hours?

Callan: Employees can bring a variety of risks into the organization. Two of these risks which are on the rise are malware attacks and spear phishing. Malware is a word that means any sort of software that was specifically designed to engage in malicious or criminal activity on a consumer’s system. Often fraud sites will try to trick visitors into allowing the site to install malware. These sites usually present to be legitimate businesses such as online greeting card sites and then ask the visitor to install some kind of “update” in order to see new content. This software is not what it claims to be at all but rather a piece of malicious code such as a “key-logger”–a software application that tracks all your online activity including passwords and credit card numbers and sends this information off to the criminal who operates it.

Another activity on the rise is called “spear phishing.” Spear phishing is the activity where a fraudster specifically targets the members of a certain organization (such as a company or a network of industry professionals) and pretends to be a legitimate member or partner of this organization in order to fool members into giving away information that the fraudster can then use for illegal personal gain. Spear phishers might be seeking to steal critical company information or they may be trying to fool employees into revealing access information that they can then use to enter secure networks or even steal funds directly.

GlobeSt.com: You say it’s important to take advantage of authentication credentials such as tokens for sensitive accounts like banking, health care information, and securities trading. Many users describe these to me as nuisances, probably because they don’t understand their function. How do these things protect the user?

Callan: With VIP, online users are needed to enter a unique 6-digit security code (Which changes every 30 seconds or so) each time they log in to sensitive accounts such as banking, healthcare etc. The 6-digit security code or one-time password is generated by a device carried by the user such as a token, credit card sized, mobile phone, etc.; and the code is entered after the user enters the username and password. Since we are now combining a username and password with an OTP generated by the device or credential carried by you, the account is much more secure. For example; even if someone steals your username and password, he/she will be unable to enter your sensitive account because they will not have the OTP. This makes the account more secure and protects the identities of the user. It is important to make the security solution easy-to-use and convenient for the user so that they adopt the extra security. With VIP and its Network approach, we are striving to make it easy and convenient for the user since the consumer can use the same credential across multiple sites. The Web user experience is entirely with the control of the business offering 2FA and so there is no adverse effect on the user experience.

Want to continue reading?
Become a Free ALM Digital Reader.

Once you are an ALM digital member, you’ll receive:

  • Unlimited access to GlobeSt and other free ALM publications
  • Access to 15 years of GlobeSt archives
  • Your choice of GlobeSt digital newsletters and over 70 others from popular sister publications
  • 3 free articles* across the ALM subscription network every 30 days
  • Exclusive discounts on ALM events and publications

*May exclude premium content
Already have an account?


Join GlobeSt

Don't miss crucial news and insights you need to make informed commercial real estate decisions. Join GlobeSt.com now!

  • Free unlimited access to GlobeSt.com's trusted and independent team of experts who provide commercial real estate owners, investors, developers, brokers and finance professionals with comprehensive coverage, analysis and best practices necessary to innovate and build business.
  • Exclusive discounts on ALM and GlobeSt events.
  • Access to other award-winning ALM websites including ThinkAdvisor.com and Law.com.

Already have an account? Sign In Now
Join GlobeSt

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.