Peter Bernstein recently wrote a feature piece on Mobility Tech Zone about the certificate authentication process using Absolute Manage for Mobile Devices. The article, “Absolute Uses Certificates for Secure Device Management on Enterprise Networks,” highlights how our certificate-based process can provide security without relying on user involvement, greatly improving enterprise security.
One of the biggest issues with BYOD is in securing the data on these devices, particularly as employees don’t often use best-practices when it comes to security. Our own research revealed that nearly 85% of US companies allow employees to manage their own devices with only 45% requiring a password to access the corporate network or data. Obviously, there is a security hole here that needs to be patched to ensure that only authorized users and their apps can access corporate data.
Unlike device certificates, which is the traditional management approach, Absolute Manage generates unique certificates per user for Exchange email access. So instead of relying upon standard passwords, user authentication can be done seamlessly using certificates. This provides the organization with a much higher degree of security, an improved end user experience, and a significant reduction in password-related security and help desk incidents.
As Tim Williams, Absolute Software director of Product Management, discussed with the author:
“BYOD is something that should not be feared. It is something that should be embraced because it empowers people to be more productive. The user just wants their stuff and for getting it to be easy. The challenge is that as a result of the convergence of device and app management with security issues that has been accelerated with mobile, IT needs tools to have control over the associated risks. That is where certificate-based management comes in.”
Absolute’s certificate authentication process takes the “people” out of the problem of security; users don’t need to come up with passwords (which are often insecure) or to remember them and IT doesn’t need to manage them. Advantages of this approach include:
- No need for users to remember their passwords (often insecure anyway or left lying around)
- E-mail and network access can be managed easily
- Users can have multiple devices or change devices seamlessly
- Calls to the IT help desk for password support are reduced
- With centralized management, IT has more visibility over devices
- Response time to anomalies is improved