Thursby releases secure email iOS app for iPad, iPhone

Thursby Software has announced the immediate release of its PKard Mail secure email app, available on Apple’s App Store.

Modeled after the native user interface of Apple’s Mail program, PKard Mail adds comprehensive support for US Government CAC and PIV identity cards. Additionally, email signing, encryption and decryption (S/MIME) are offered in conjunction with the secure smart cards.

Thursby is leveraging Microsoft Exchange ActiveSync email authentication using strong two-factor smart card ID and PIN, or traditional usernames and passwords. Wherever ActiveSync is enabled for smart card access, PKard Mail can be deployed “as-is” for personal devices, government furnished equipment, in custom versions for organizations, or in conjunction with third party mobile app, app store or device management initiatives.

PKard Mail is now available through Apple’s App Store at an introductory price of $19.99. It requires a smart card reader licensed for PKard Reader and includes patent technology licenses from Microsoft.

HJP Consulting provides test services, consulting for Nigerian eID project

HJP Consulting has announced a partnership with the National Identity Management Commission (NIMC) of Nigeria to deliver Test Services and Consulting for the electronic identity card project.

Based on a Presidential Initiative, NIMC has been tasked with registering all Nigerian citizens and resident legal aliens. As part of this initiative, a new multi-application eID card will be implemented.

HJP Consulting will use its GlobalTester platform to provide test services for the multi-purpose eID card, covering all card and application tests. HJP services will include the development of customized test specifications, the evaluation/implementation of test specifications, conformity and acceptance tests as well as providing test results.

VASCO announces DIGIPASS for Application Perimeter Protection SDK

VASCO Data Security International has launched its DIGIPASS for Application Perimeter Protection SDK  (DIGIPASS for APPS), a software development kit that provides app developers with a cross-platform programming environment to secure mobile applications.

DIGIPASS for APPS enables native integration of strong authentication with one-time passwords and e-signatures, ensuring a secure login or transaction signing process. The solution also offers jailbreak and rootkit detection as well as a geo location feature.

VASCO’s SDK also provides a secure channel that ensures end-to-end encryption of critical or sensitive data where mainstream technologies like HTTPS may not be enough. The secure channel offered by DIGIPASS for APPS can virtually encrypt texts, photos and QR codes.

Highlights of DIGIPASS for APPS include:

• Native integration of strong authentication (one-time passwords and e-signatures) into applications
• Extended set of provisioning options
• Patented CrontoSign technology, supports an extended list of QR codes and barcodes
• Supports geo-localized OTPs and e-signatures
• Jailbreak and rootkit detection
• Device binding
• Secure storage
• Out-of-band login support
• Multi-device capabilities
• Available for the most common programming environments, including iOS, BlackBerry (including latest BlackBerry 10 versions), Android, Windows Phone, Java, Windows with comprehensive programming samples
• Fully customizable overcoming GUI issues
• Requires no cryptographic skills, reducing integration efforts

Centrify secures access to enterprise social media, shared accounts

Specializing in unified identity services, Centrify has launched a new identity-as-a-service solution that protects an enterprise’s social media properties and other shared accounts.

Contemporary organizations are often forced to employ shared access to social accounts that are managed on behalf of the company or brand. To safeguard these properties, the Centrify User Suite, SaaS Edition (“Centrify for SaaS”) protects enterprises’ shared accounts, be it Twitter, Facebook, LinkedIn, Google+, Instagram, etc. from not only internal threats and unauthorized access, including access from users who have left the organization.

Centrify for SaaS vaults the passwords for social accounts so users never know or need to use the social app’s password.  When an approved user needs to log in to one of these social accounts, they simply log in to the Centrify portal as themselves and click on the shared account.  At no time do users have access to the shared password, and an IT administrator can even define when users are allowed to access the app, from what location, and can ask them for additional factors of authentication.

Additionally, with built-in administrative views and reports that display which employees have access to shared social media accounts, Centrify for SaaS allows organizations to centralize access to cloud applications in the workplace.

INSIDE Secure, Intrinsic-ID to launch cloud security application

INSIDE Secure and Intrinsic-ID announced the launch of Saturnus, a new class of secure microcontroller for smart cards and other Hardware Intrinsic Security (HIS) applications in an attempt to bolster security for cloud-based transactions.

Hardware Intrinsic Security technology uses the attributes of a device to extract high quality security keys, which in turn make the process very secure. With INSIDE’s secure microcontroller designs and Intrinsic’s HIS technology, the companies will use the unique physical characteristics of each chip to protect cryptographic keys, and make the devices extremely difficult to clone or reverse engineer.

The HIS-based microcontroller chips will be packaged in multiple formats, the first of which will be a USB smart card token to support the Intrinsic-ID Saturnus secure cloud application. The Saturnus application runs on mobile phones, tablets and PCs, and offers total protection of digital data stored in the cloud.

With Saturnus, files are encrypted before they leave the device and are uploaded to the cloud. The encryption keys are generated and managed inside the hardware security token that is plugged into the user device, a unique feature to Saturnus as key management is at the control of the user.  

Lieberman Software, Securonix to provide privileged identity risk, threat analytics

Privileged identity management specialist, Lieberman Software Corporation, is partnering with Securonix to provide IT security and compliance professionals with a means to closely monitor and analyze insider threats based on privileged user activities across the enterprise.

“Privileged account access and activity is one of the high-risk areas identified by Risk, Compliance and IT Audit professionals, as these accounts hold the keys to accessing the most critical enterprise computing and information assets,” says Richard Weeks, vice president of Alliances at Lieberman Software. “The fact that at most times these accounts lack identity context, as well as highly focused monitoring in the enterprise environment, means that the keys to the kingdom are often left unscrutinized.”

The integration allows the Securonix Security Intelligence Platform to consume Lieberman Software’s Enterprise Random Password Manager and Privileged Identity Management events in real-time for automated detection of anomalous user or account behavior as well as advanced privileged identity analytics.