Security Experts:

Venafi Launches Certificate-based Mobile Device "Kill Switch"

Venafi, a Salt Lake City, Utah-based provider of enterprise key and certificate management solutions, has launched a new product that the company describes as a mobile device "kill switch" which gives IT security teams the ability to instantly cut off mobile access to applications and networks when suspicious activity is detected.

The new offering, Mobile Certificate Manager, is designed to protect companies from the increasing use of digital certificates for malicious purposes, the company said.

Built on Venafi’s Director platform, Mobile Certificate Manager enables IT security teams to identify risks from the use of mobile certificates and take action to prevent unauthorized network access and data theft.

By levering Venafi’s Mobile Certificate Manager, security managers can recognize digital certificate anomalies, such as duplicate or orphaned certificates that might provide unauthorized access, and take immediate action to remediate by revoking certificates across one or more devices.

The solution currently integrates with and complements Mobile Device Management (MDM) systems, including solutions from MobileIron and AirWatch.

“Bad actors and cybercriminals have proven time and time again that once they gain access to unprotected certificates they can authenticate into networks and gain access to corporate information,” Venafi explained. “The use of certificates for users, mobile devices, and mobile applications is becoming more attractive as enterprises look to reduce the use of passwords and improve usability. Enterprises can now secure and protect the trust established by certificates issued to users, mobile devices, and mobile applications to stop cybercriminals from using stolen, forged or hijacked mobile certificates to authenticate infiltrate networks.”

"Passwords remain one of the weakest links in IT security. Simple passwords are used too often, and the same password is used with too many different services. New demands for mobile usability have changed the situation and enterprises are keen to explore other options," said Song Chuang, Research Director at Gartner. "The good news is that there are viable alternatives including user certificates. Implemented properly for suitable scenarios, certificate-based authentication can provide a high level of security, as well as a great UX," according to Chuang.

"Enterprises have lost control of the technology that establishes trust that all IT security is built on: cryptographic keys and digital certificates. Organizations are falling further and further behind every time a new mobile device or application is added to the network," said Jeff Hudson, CEO, Venafi. "You can remote wipe a mobile device, but that does not remove the risk of potentially rogue or compromised mobile certificates being used against the enterprise."

Mobile Certificate Manager delivers features and benefits to secure and protect enterprise use of mobile certificates, including:

Secure MDM Policy Enforcement: Seamless integration with existing MDM solutions such as MobileIron and AirWatch allows customers to leverage them to easily enforce policies such as required key lengths and approved Certificate Authorities (CAs) for mobile devices and applications.

User Certificate Mapping: Customers can view all mobile user and device certificates issued to a single user and identify certificate anomalies such as duplicate, orphaned, and unneeded certificates.

Single-click Revocation: Customers can immediately revoke mobile and user certificates associated with employees that have left the company or been reassigned to prevent unauthorized access to corporate information. This "kill switch" technology empowers IT security teams to respond and remediate immediately to risks.

Automatic CA Import: Automatically connect to one or more certificate authority (CA) to import certificates that are not in the Director inventory. System administrators can easily define rules for importing specific certificates, designate where they are placed in the Director hierarchy, and schedule when certificates are automatically imported.

Flexible CA Migration: After determining which CA best meets their mobile certificate requirements, customers can leverage their MDM to connect with the CA and then automate certificate issuance and revocation for all mobile devices and applications.

Centralized Policy Enforcement: Analytics intelligence enables system administrators to examine, correlate and view their organization's certificates and keys across all users and to detect anomalous certificates.

More information on Mobile Certificate Manager is available online

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.