by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : June 30, 2015
June 30, 2015 FCW.COM 25 The use of personal identity verification cards and Common Access Cards for government workers and contractors was mandated by Homeland Security Presidential Directive 12 in 2004. But now as mobile connectivity continues to grow in importance, the need for a new means of authentication has arisen — one that doesn’t involve attaching a card reader to every phone and tablet. Enter derived credentials. This alternate method of verification extracts the creden- tials on government-issued smart cards and embeds them directly into a mobile device or delivers them via near field com- munication, microSD cards, USB connec- tions or Universal Integrated Circuit Cards. In essence, credentials are extended from the card to the device, similar to the way one government-issued ID (e.g ., a driver’s license) can be used to obtain another (e.g ., a passport). The approach allows employees and contractors to use their mobile devices without having their PIV cards handy. And there are benefits beyond mobil- ity. For example, derived credentials could support automatic desktop lock- ing, which means that if a user’s mobile device moves a certain distance from his or her workstation, the desktop PC would lock down and require a pass- word to regain access. Because users are less likely to forget a mobile device than a card when leaving their desks, it could lead to fewer unattended network access points. There are some trade-offs. Hardware- based derived credentials — those embed- ded in a device —are more difficult to use than software-specific solutions, but they are more secure, less susceptible to malware and typically tamper-resistant if a device is lost or stolen. Software-specific solutions are more flexible and can accommodate multiple device types, but credentials that are stored on a removable card or a device’s standard internal storage are an easier target for malware that could crack or compromise the credentials. Although the solutions are not perfect, competing demands for increased mobile security and improved user experience mean more derived-credential systems are likely. “The first and next step is derived cre- dentials,” Christopher Roberts, vice presi- dent of Good Technology’s public sector, told FCW. “But we’re not done yet.” n How derived credentials make real mobility work BY ELI GORSKI Special Report BREAKING THROUGH THE SECURITY CLOUD TOPICS INCLUDE: SECURITY IS STILL A BARRIER TO CLOUD ADOPTION HYBRID CLOUD EmERGES AS THE FRONT RUNNER IAm IS ESSENTIAL FOR HYBRID CLOUDS ENCRYPTION IS TAGGED FOR DATA SECURITY COmPLIANCE IS A HEADACHE FOR CLOUD ADOPTION TO LEARN mORE, VISIT: FCW.COm/2015SNAPSHOTCYBERSECURITY sponsored by: 0630fcw_012-025.indd 25 6/10/15 9:40 AM
June 15, 2015
July 15, 2015