14 DAY TRIAL // Venafi has announced the availability of Mobile Certificate Manager, a solution that’s designed to protect enterprises against attacks that leverage mobile certificates for network intrusions and data theft.
The company says that the Mobile Certificate Manager is a “kill switch” that enables IT security teams to identify risks and take immediate steps to mitigate them. The product can be integrated with popular mobile devices management systems such as AirWatch and MobileIron.
The features and benefits of the new solution include secure mobile device management policy enforcement, user certificate mapping, automated certificate authority imports, easy and fast certificate revocation, centralized policy enforcement, and flexible certificate authority migration.
“Passwords remain one of the weakest links in IT security. Simple passwords are used too often, and the same password is used with too many different services. New demands for mobile usability have changed the situation and enterprises are keen to explore other options,” noted Song Chuang, research director at Gartner.
“The good news is that there are viable alternatives including user certificates. Implemented properly for suitable scenarios, certificate-based authentication can provide a high level of security, as well as a great UX.”
As organizations seek to reduce the use of passwords, digital certificates are increasingly used, including for mobile devices and applications. However, there are risks associated with these practices. This is where the Mobile Certificate Manager steps in.
The solution allows IT security departments to keep a close eye on mobile and user certificates to ensure that they cannot be misused.
“Enterprises have lost control of the technology that establishes trust that all IT security is built on: cryptographic keys and digital certificates. Organizations are falling further and further behind every time a new mobile device or application is added to the network,” said Jeff Hudson, CEO, Venafi.
“You can remote wipe a mobile device, but that does not remove the risk of potentially rogue or compromised mobile certificates being used against the enterprise.”