Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Venafi Launches Certificate-based Mobile Device “Kill Switch”

Venafi, a Salt Lake City, Utah-based provider of enterprise key and certificate management solutions, has launched a new product that the company describes as a mobile device “kill switch” which gives IT security teams the ability to instantly cut off mobile access to applications and networks when suspicious activity is detected.

Venafi, a Salt Lake City, Utah-based provider of enterprise key and certificate management solutions, has launched a new product that the company describes as a mobile device “kill switch” which gives IT security teams the ability to instantly cut off mobile access to applications and networks when suspicious activity is detected.

The new offering, Mobile Certificate Manager, is designed to protect companies from the increasing use of digital certificates for malicious purposes, the company said.

Built on Venafi’s Director platform, Mobile Certificate Manager enables IT security teams to identify risks from the use of mobile certificates and take action to prevent unauthorized network access and data theft.

By levering Venafi’s Mobile Certificate Manager, security managers can recognize digital certificate anomalies, such as duplicate or orphaned certificates that might provide unauthorized access, and take immediate action to remediate by revoking certificates across one or more devices.

The solution currently integrates with and complements Mobile Device Management (MDM) systems, including solutions from MobileIron and AirWatch.

“Bad actors and cybercriminals have proven time and time again that once they gain access to unprotected certificates they can authenticate into networks and gain access to corporate information,” Venafi explained. “The use of certificates for users, mobile devices, and mobile applications is becoming more attractive as enterprises look to reduce the use of passwords and improve usability. Enterprises can now secure and protect the trust established by certificates issued to users, mobile devices, and mobile applications to stop cybercriminals from using stolen, forged or hijacked mobile certificates to authenticate infiltrate networks.”

“Passwords remain one of the weakest links in IT security. Simple passwords are used too often, and the same password is used with too many different services. New demands for mobile usability have changed the situation and enterprises are keen to explore other options,” said Song Chuang, Research Director at Gartner. “The good news is that there are viable alternatives including user certificates. Implemented properly for suitable scenarios, certificate-based authentication can provide a high level of security, as well as a great UX,” according to Chuang.

“Enterprises have lost control of the technology that establishes trust that all IT security is built on: cryptographic keys and digital certificates. Organizations are falling further and further behind every time a new mobile device or application is added to the network,” said Jeff Hudson, CEO, Venafi. “You can remote wipe a mobile device, but that does not remove the risk of potentially rogue or compromised mobile certificates being used against the enterprise.”

Advertisement. Scroll to continue reading.

Mobile Certificate Manager delivers features and benefits to secure and protect enterprise use of mobile certificates, including:

Secure MDM Policy Enforcement: Seamless integration with existing MDM solutions such as MobileIron and AirWatch allows customers to leverage them to easily enforce policies such as required key lengths and approved Certificate Authorities (CAs) for mobile devices and applications.

User Certificate Mapping: Customers can view all mobile user and device certificates issued to a single user and identify certificate anomalies such as duplicate, orphaned, and unneeded certificates.

Single-click Revocation: Customers can immediately revoke mobile and user certificates associated with employees that have left the company or been reassigned to prevent unauthorized access to corporate information. This “kill switch” technology empowers IT security teams to respond and remediate immediately to risks.

Automatic CA Import: Automatically connect to one or more certificate authority (CA) to import certificates that are not in the Director inventory. System administrators can easily define rules for importing specific certificates, designate where they are placed in the Director hierarchy, and schedule when certificates are automatically imported.

Flexible CA Migration: After determining which CA best meets their mobile certificate requirements, customers can leverage their MDM to connect with the CA and then automate certificate issuance and revocation for all mobile devices and applications.

Centralized Policy Enforcement: Analytics intelligence enables system administrators to examine, correlate and view their organization’s certificates and keys across all users and to detect anomalous certificates.

More information on Mobile Certificate Manager is available online

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.