Entrust enabling mobile ID technology
28 February, 2012
category: Biometrics, Corporate, Digital ID, Government, NFC, Smart Cards
Multiple announcements on mobile ID and the enterprise
Entrust Inc. is extending its Entrust IdentityGuard strong authentication platform to offer smart credentials on mobile devices for enterprise-grade security. Taking advantage of near field communication and Bluetooth standards, Entrust embeds biometrics and digital certificates on smart phones to create trusted identity credentials for stronger, more convenient enterprise authentication.
Now available via the software-based Entrust IdentityGuard authentication platform, organizations are able to use biometrics and digital certificates to leverage mobile devices as smart credentials for logical access to corporate and wireless networks, Web authentication and physical access to buildings and other facilities. For even greater convenience, NFC and Bluetooth may be used for mobile-based authentication.
Authenticated desktop logins will be as simple as having a mobile device in proximity of a workstation but with more security. On certain devices it may even be possible for Bluetooth capabilities to bring additional features to smart phones, such as proximity-based auto-lockout of desktops and laptops.
By delivering updated credentials to mobile devices – anytime and anywhere – via secure online channels, organizations can eliminate the risk of physical smart cards being intercepted or lost in the mail and also remove expensive and time-consuming shipping obstacles.
Compatible on today’s most popular mobile platforms, including Apple iOS, RIM BlackBerry and Google Android, Entrust leverages industry-standard technologies, including PIV, for higher security and interoperability than proprietary systems.
Entrust IdentityGuard also introduces an API designed to enable tight integration with mobile device management, identity and access management, and public key infrastructure vendors. This provides interoperability, via standards-based interfaces, with new and existing enterprise security implementations. This approach may even leverage in-house or managed service-based digital certificates.
The enhanced Entrust IdentityGuard solution will also include certificate-on boarding to mobile devices for certificate-based authentication and S/MIME-based decryption and signing of email. Advanced secure email capabilities include synchronization, key history and encryption across enterprise desktops and mobile platforms.
Entrust, Good Technology adding email support
Additionally, Entrust, through its relationship with Good Technology, is trying to add more convenience to its mobile security capabilities. Entrust will offer end-to-end support of S/MIME and PKI from inside the firewall to the mobile device. This collaboration is intended to enable customers to take full advantage of the core values of S/MIME – strong authentication, non-repudiation and message integrity.
By supporting integration of its proprietary Web Services API, Entrust IdentityGuard will be more efficient in addressing the typical types of administrative headaches and technological obstacles encountered in providing Secure Multipurpose Internet Mail Extension (S/MIME) capabilities on mobile devices. The Good for Enterprise and Good for Government platforms provide robust S/MIME capabilities for Apple iOS and Google Android smart phones.
Good Technology’s container-based methodology was adopted to secure and manage sensitive data and prevent it from being leaked to other non-secure applications present on a device. Each Good Technology solution protects proprietary enterprise or government data in-transit, over-the-air and at rest on a device using a FIPS 140-2-validated cryptographic module that utilizes AES 192 encryption.
Working together, Entrust and Good Technology aim to ease integration between the two solutions to remove the need for desktop synchronization software or out-of-band private-key distribution methods.
Entrust partners with AirWatch
Entrust also announced a new relationship with AirWatch, a mobile device ID and security company. This collaboration aims to help advance access for Entrust PKI, Managed Service and IdentityGuard users who can leverage AirWatch’s Software as a Service, appliance-based or on-premise solutions.
Customers will be able to enjoy improved integration between Apple iOS, RIM BlackBerry and Google Android devices and their enterprise through Web-based API.
The AirWatch solution provides a set of mobile security features, including accessible, easy-to-use Web- and mobile-based management console; a Secure Content Locker; a Secure Email Gateway; an AirWatch App Catalog; the ability to securely manage both corporate- and employee-liable devices and location-based services.
AirWatch’s API integration capabilities include the ability to integrate key enterprise platforms such as LDAP directory servers, Microsoft Active Directory, Microsoft Exchange, Microsoft BPOS-D, Microsoft Office 365, IBM Lotus Notes and Google Gmail for Business, as well as Public Key Infrastructures (PKI) and certificate management frameworks, streamlining the generation and management of certificates used on mobile devices for authentication and encryption.
MobileIron, Entrust working on BYOD
Lastly, Entrust announced an evolution in the company’s relationship with MobileIron, an enterprise management and security firm for mobile devices and apps.
To better address the mobility needs of customers, the two companies will be introducing an integrated solution that is planned for later this year and will be designed to enable Entrust on-premise and cloud customers to manage certificates for mobile devices and applications.
This solution will enable Entrust PKI, Managed Service and IdentityGuard customers to leverage access for managing and utilizing their mobile device as an authenticator to mobile, Web and enterprise applications. This capability will be designed to empower customers to identify devices accessing their enterprise and manage the identity of those users.
Entrust and MobileIron have forged a relationship intended to enable enterprises to better secure data on employee-owned phones and tablets without compromising the owner’s privacy or the organization’s security. By combining MobileIron’s management capabilities with Entrust’s advanced security measures, organizations will be able to operate more confidently in the emerging bring your own device and cloud-based environment.