Some day, when I get enough CPU cycles, I am going to initiate the Spire PRUVIT records (and here’s a test volley). Unlike current “beauty contests” that are inherently qualitative and/or easily gamed, the Spire Pruvits are records that will be awarded to the enterprises that have the “largest” active deployment of any particular security solution. “Largest” may be qualified in a number of ways – by number of resources covered, volume of activity, or perhaps even a highest ratio of some sort.

The goal of the Pruvit is to validate the functional use and value of security products as well as highlight those companies that are “doing security right”. Secondarily, it will provide useful information to other enterprises that are wallowing in the marketing mire of security confusion by providing insight and ideas about solutions to their problems. All records will of course need some form of substantiation (they must “prove it” – get it ). Anonymity will be maintained if requested.

With that, I think I will try using this blog as a way to test out my Pruvit Records idea. I recently spoke to a vendor that suggested it had the “world’s largest deployment of authentication tokens” with somewhere over 4 million tokens issued. For my purposes, authentication tokens are typically one-time password tokens, USB keys, and smartcards, but not biometrics, soft tokens, or the like (at least for now).

Pruvit Record: Largest Two-Factor Authentication Token deployment

Candidate: 4 million plus tokens issued

This could be useful and interesting. Does anyone want to nominate anyone else in this category or any others?