Effective Identity and Access Management in a Mobile World
A Good Technology Whitepaper
Contents
Introduction
Mobile Identity and Access Management
Mobile Challenges
The Multi-Factor Solution for Personal Mobile Devices
The Good Vault Solution
About Good Technology
Effective Identity and Access Management in a Mobile World | good.com 2
Introduction
Few developments have created more IT disruption in the past five years than the explosion of mobile devices
in the workplace. Organization after organization has reaped the benefits of mobile devices for employee
productivity, collaboration, and customer communication and satisfaction. Hand in hand with the mobile
explosion has been the trend of employees bringing their own devices to work, called Bring Your Own Device
or BYOD, which has enhanced employee satisfaction, productivity, and competitive advantage in companies
looking to hire the best of the younger generation or fulfill the needs of traveling executives. Most often the
personal device in question is a mobile device, such as an Apple® iPhone®, iPad®, or Android™ phone or tablet.
The challenge for IT has been to balance the obvious business benefits of mobile personalized devices
with the need to protect the organization from confidential data theft, malware, and the other risks they
create. The perimeters and doors of IT networks risk being blown wide open as users add devices filled with
personal games, music, and other software, and connect to mobile consumer cloud services such as Gmail
and Dropbox. The security risks of consumer software and services are well known, as are the challenges of
managing and regulating the devices that use them.
Organizations must do their best to manage employee mobile devices using mobile device management tools.
But an essential part of a mobile management and security strategy is not only securing the mobile device,
which is increasingly challenging, but managing and securing its access to applications and confidential
organizational information.
Mobile Identity and Access Management
One of the key components of most organizations’ information security strategy is robust identity and access
management (IAM)—the technology and practices used to positively identify users accessing sensitive
applications and confidential information and to control their access and use privileges over time. IAM systems
are used in large organizations to manage access and privileges for hundreds or thousands of users over their
entire identity lifecycle, from the day they join the organization, through all their moves up or down the ranks,
to the day they leave. They are essential tools for ensuring that organizational information security policy is
adhered to and confidential information does not make it into the hands of the wrong people.
Most large organizations already have IAM systems in place. In fact, escalating security threats and widely
publicized data breaches have driven the adoption of IAM systems to unprecedented levels. In a June 2012
Security Markets Analysis (Market Analysis: Worldwide Identity and Access management 2012-2016 Forecast:
Growth Driven by Security, Cloud, and Compliance), IDC predicted that the worldwide identity and access
management systems market, which reached $3.7 billion in 2010 and $4.2 billion in 2011, would grow by more
than half to $6.6 billion in 2016.
The need and growth have been particularly pronounced in highly regulated, security sensitive markets such
as government, healthcare, and financial services. Many of these sectors have embraced the benefits of
mobile technologies and are looking for ways to integrate them tightly with their existing IAM systems and
processes so they can remain secure and compliant. Bulletproof user authentication is particularly critical for
devices that move outside the organization, across the country and around the world, where they can easily be
lost, hacked, or stolen. It’s also important for devices that mix personal with organizational software and data.
According to IDC (Market Analysis: Worldwide Mobile Enterprise Security Software 2012 - 2016 Forecast and
Analysis), mobile identity and access management is expected to grow by 27.6 percent between 2010 and
2016. Particularly important is multi-factor authentication that moves beyond user passwords, which are often
mismanaged by users and easily guessed and hacked by experts, to more secure tools such as smart cards
and token devices, or anything else the user has or is (such as biometrics solutions).
Goode Intelligence, an analyst firm that specializes in mobile and information security, predicts that by 2014,
64 percent of multi-factor authentication sales will be mobile-based. In 2012 that number was already over 20
percent.
Mobile Challenges
The combination of BYOD and mobile device growth presents brand new challenges for user identity and
access management in an organization. Until recently IT owned all the devices and software accessing
confidential information and could impose tight limitations and controls on them. IT can no longer exercise
such tight control over personal devices. And with the use of personal devices, the ever growing corporate
perimeter has grown larger and more diffuse, defying attempts at management and control.
The challenge is to extend IAM systems to these devices safely and securely, ensuring that each and
every personal mobile device user is always strongly authenticated and that his or her access to and use of
corporate applications and information are strictly compliant with organizational information security policies.
Secure/Multipurpose Internet Mail Extensions (S/MIME) encryption support is also important for mobile email
security. S/MIME is used widely by government and other security sensitive organizations to secure email with
robust encryption and verify senders.
It’s clear that roving users of personal mobile devices need an extra level of authentication beyond most
deskbound workers using IT supplied equipment well inside the corporate perimeter. Passwords can be useful
inside the perimeter but they have numerous well-known vulnerabilities that become even more pronounced
out on the road. It’s difficult to prevent users from making poor password choices that are easy to remember
but just as easy and convenient for hackers or device thieves to guess, or to prevent users from using the
same password for multiple personal and business accounts or writing passwords down in places that are
easy to access. Poor password choices make organizations vulnerable to man-in-the-middle and other attacks
that can be used to steal confidential information. Clearly, effective password management is often a major
headache for most organizations.
Many organizations have turned to one-time password tokens as a solution for multi-factor authentication,
adding something the user possesses to the requirement of a strong, one-time PIN or password. However,
even though tokens are more effective than traditional user passwords, their management has proven to
be expensive and resource intensive. They’re often inconvenient for users and are frequently lost. They
sometimes lose their synchronization with the centralized identity management system they’re supposed to
authenticate with and a number of sophisticated threats and hacks have been developed over the years to
overcome their security advantages.
Many enterprises have deployed smart cards to provide strong multi-factor authentication, but smart cards
require smart card readers, which can be cumbersome for mobile users on the road and interfere with the
quick and easy use of mobile devices required to reap their full benefits.
The Multi-Factor Solution for Personal Mobile Devices
What is needed is a strong mobile multi-factor authentication solution that integrates tightly with existing
enterprise smart card management and IAM solutions, meets all the stringent needs of security and privacy
regulations such as HSPD-12, FIPS, FFIEC, PCI, HITECH, and HIPAA, but is also portable, lightweight,
compact, and convenient enough for users to carry and log into corporate applications quickly and easily
from the road. Ideally the authentication mechanism should be attached to the mobile device and no more
inconvenient to carry home, on the road, to an Internet enabled café, the airport, and across the globe than the
mobile device itself. It should also be as user-friendly as possible so users don’t feel it interferes with the quick
and easy use of their chosen, often personalized mobile devices.
Finally, any multi-factor authentication solution should be easy and cost effective for IT to configure and
manage, allowing the use of an organization’s existing standard CAC/PIV smart cards. As a mobile
authentication solution it should integrate tightly with current enterprise card management and identity and
access management platforms, while providing the flexibility to keep pace with evolving IAM standards as
newer, improved technologies become available.
The Good Vault Solution
Good Technology™’s Good Vault™ is one of the first and most comprehensive solutions on the market
for extending enterprise identity and access management to mobile and personal devices. Good Vault
provides robust mobile multi-factor authentication and secure email for the most security sensitive and
regulated organizations. It perfectly balances the needs of IT managers for security and regulatory
compliance, with those of executives, and other mobile users, for rapid, easy adoption.
Good Vault supports all legacy smart cards as well as Micro SD options for storing user credentials
and keys and integrates tightly with Good Technology’s award winning Good for Enterprise™ corporate
messaging application. Perhaps most important of all, however, is that Good Vault has been carefully
designed to provide airtight security and compliance without compromising the mobile user experience or
the compact mobile form factor of typical smart phones.
Good Vault employs strong two-factor authentication, requiring each and every user to provide something
he or she has—a Secure Element (SE) on a smart or Micro SD card—with something he or she knows—a
personal identification number (PIN). Smart Cards and secure Micro SD cards provide this secure
element in highly secure crypto chips, adding hardware protection and tamper resistance to Good for
Enterprise’s existing authentication platform.
Good Vault works with slim Smart Card and Micro SD reader sleeves that fit directly over smart phones,
server side software used by IT for administration and credential issuance and management, and an
easy-to-install and configure Good Vault user application for mobile device users.
Good Vault’s smart card option supports all the major smart card standards such as CAC, PIV, PIV-I and
CIV. The mobile reader, supplied by Precise Biometrics, Tactivo™, is a slim casing that fits over the iPhone
4 or 4S, adding only about a half inch in length and .22 in thickness to the device and weighing a mere
1.5 ounces. The solution complies with Apple MFi certification. FCC, CE Marking, GSA FIPS-201, and
Unified Capabilities Product listing certifications are either under way or planned. The sleeve is carefully
designed so it does not block the iPhone camera, even when the smart card is placed in the reader. In all,
there are no compromises to the mobile form factor or user experience.
The MicroSD option also consists of small form factor
cards, similar to smart cards, with embedded PKI
cryptographic chips. It also uses a slim casing for
the iPhone 4 or 4S and contains a slot for inserting a
MicroSD card. It’s supplied by Device Fidelity through
HID Identity Assurance, formerly ActivIdentity and now
part of HID Global®, and it uses HID’s ActivID Credential
Management System to issue and manage the MicroSD
cards for either primary or derived credentials.
The MicroSD doesn’t necessarily replace a smart card
solution. It can either serve as an alternative option for
primary credentials or it can be used in parallel with smart
cards for derived credentials, with the smart card used as
the primary credential. In such a case, new authentication
and signature keys are used in the MicroSD, but the
same encryption key used in the smart card is used
by the MicroSD card so emails can be decrypted on
both mobile and desktop devices. PIV, PIV-I and CIV
formats are all supported with both primary and derived
credentials on the MicroSD card.
Both hardware options also store PKI credentials for
S/MIME email signing and encryption to ensure nobody
on the communications link between the sender and
recipient can read an email.
Good Vault is a Good Dynamics®-enabled solution.
Good Dynamics is Good Technology’s secure application
development platform, providing a secure container for
safe access from anywhere in the world without the need
for a VPN client installed on the mobile device. It includes
policy management capabilities for enforcing rich and
granular enterprise policies at the application level and
prevents data loss with encryption of data both in transit
and at rest.
While Good Vault supports two hardware solutions today,
it is intended to be hardware agnostic. Good Vault is the
first product to be delivered through the Good Trust™
security platform that extends critical identity and access
management capabilities like strong authentication,
single sign-on, and identity federation to mobile devices
and applications. Good Trust will support a wide array of
authentication mechanisms, including new technologies
such as biometrics, as they become available. Because
Good Vault is a Good Dynamics-enabled solution, it can
leverage Good Trust’s robust APIs to be extensible to
these new technologies too.
The Smart Card option for authentication includes a slim device casing and a slot for inserting an identification card.
The MicroSD option also includes a slim device casing that can carry a mini-card with stored credentials.
Good Vault: strong authentication to GFE today, extensible to Good Dynamics-enabled apps.
With Good Vault, you get the best of all worlds. C-Level executives like the CISO or CIO take advantage
of Secure Element technology for strong authentication and email security to protect corporate data,
prevent data loss, and meet regulatory compliance requirements. IT managers can harness their existing
infrastructure for PKI credentials, extending the same controls they have on the desktop to mobile users,
and lowering their overall costs for identity and access management. They can also promise unmatched
convenience and portability to drive quick adoption. And since the solution maintains the sleek design and
usability of the phone, the mobile workforce remains productive without sacrificing security.
For mobile organizations looking to comply with the most stringent regulations and security standards,
an authentication solution that harnesses a Secure Element perfectly balances the flexibility and freedom
users require with the IT security controls needed to protect sensitive applications and data. A solution
that maintains the mobile device form factor and user experience simplifies user adoption. Hardware-
based multi-factor authentication ensures that credentials cannot be tampered with and tight integration
with current and evolving enterprise IAM platforms allows organizations to provide robust, cost effective
mobile security today as well as tomorrow. Good Vault provides such a solution, keeping enterprises safe,
secure, and compliant in the changing and evolving IT environment of mobility and consumerization.
For more on Good Technology’s Good for Enterprise, visit here.
For more on Good Technology’s Good Dynamics, visit here.
For more information on Good Vault, visit here.
For more information on Good Trust, visit here.
Strong Two-factor Authentication that
• Meets stringent security standards and compliance regulations
• Preserves existing identity and access management investments
• Can evolve to other authentication mechanisms as they are available
About Good Technology
Mobility is here, and business is changing. Your employees need to be productive on devices they bring
from home. And you need to provision, monitor, and secure the mobile apps and services that allow them
to collaborate anytime, anywhere. It’s how people work now.
Good Technology is transforming how mobile work gets done, through secure app-to-app workflows that
include integrated email, communications, document management, business intelligence, social business,
wireless printing, and more. We also offer complete enterprise mobility management solutions, including
device, app, data, and service management; as well as analytics and reporting. We complete our stack
with professional services that include mobile deployment rollouts, BYO onboarding constructs, and
platform transition consulting. Only Good offers a complete mobile solution that puts IT back in control.
All of Good Technology’s secure solutions work to keep employees productive and corporate and
personal data secure and accessible. Established in 1996 and headquartered in Sunnyvale, California,
Good Technology’s services are used by 4000+ major organizations worldwide, including 50 of the
Fortune 100 as well as more than 4,000 enterprise customers in 90+ countries operating on over 200
carriers. Good Technology has partnerships with industry leaders including Apple, Google, LG, HTC,
Microsoft, Nokia and leading systems integrators.
Want to know more? Visit good.com.
©2013 Good Technology Corporation and its related entities. All use is subject to license terms posted at www.good.com/legal.
All rights reserved. GOOD, GOOD TECHNOLOGY, the GOOD logo, GOOD FOR ENTERPRISE, GOOD FOR GOVERNMENT,
GOOD FOR YOU, GOOD DYNAMICS, SECURED BY GOOD, GOOD MOBILE MANAGER, GOOD CONNECT, GOOD SHARE,
GOOD VAULT and GOOD DYNAMICS APPKINETICS are trademarks of Good Technology Corporation and its related entities.
All third-party trademarks, trade names, or service marks may be claimed as the property of their respective owners. Good’s
technology and products are protected by issued and pending U.S. and foreign patents. iPad and iPhone are trademarks of
Apple Inc., registered in the U.S. and other countries. Android is a trademark of Google Inc. Use of this trademark is subject to
Google Permissions. ©2013
Global Headquarters
+1 408 212 7500 (main)
+1 866 7 BE GOOD (sales)
EMEA Headquarters
+44 (0) 20 7845 5300
Asia/Pacific Headquarters
+1 300 BE GOOD
good.com

More Related Content

Recently uploaded

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Recently uploaded (20)

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 

Featured

Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 

Featured (20)

PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
 
Barbie - Brand Strategy Presentation
Barbie - Brand Strategy PresentationBarbie - Brand Strategy Presentation
Barbie - Brand Strategy Presentation
 

A Guide to Effective Identity and Access Management for Mobile

  • 1. Effective Identity and Access Management in a Mobile World A Good Technology Whitepaper
  • 2. Contents Introduction Mobile Identity and Access Management Mobile Challenges The Multi-Factor Solution for Personal Mobile Devices The Good Vault Solution About Good Technology 3 3 4 5 5 8 Effective Identity and Access Management in a Mobile World | good.com 2 A Good Technology Whitepaper
Introduction

Few developments have created more IT disruption in the past five years than the explosion of mobile devices in the workplace. Organization after organization has reaped the benefits of mobile devices for employee productivity, collaboration, and customer communication and satisfaction. Hand in hand with the mobile explosion has been the trend of employees bringing their own devices to work, called Bring Your Own Device or BYOD, which has enhanced employee satisfaction, productivity, and competitive advantage in companies looking to hire the best of the younger generation or fulfill the needs of traveling executives. Most often the personal device in question is a mobile device, such as an Apple® iPhone®, iPad®, or Android™ phone or tablet.

The challenge for IT has been to balance the obvious business benefits of mobile personalized devices with the need to protect the organization from confidential data theft, malware, and the other risks they create. The perimeters and doors of IT networks risk being blown wide open as users add devices filled with personal game, music, and other software, and connect to mobile consumer cloud services such as Gmail and Dropbox. The security risks of consumer software and services are well known, as are the challenges of managing and regulating the devices that use them.

Organizations must do their best to manage employee mobile devices using mobile device management tools. But an essential part of a mobile management and security strategy is not only securing the mobile device, which is increasingly challenging, but managing and securing its access to applications and confidential organizational information.

Mobile Identity and Access Management

One of the key components of most organizations’ information security strategy is robust identity and access management (IAM)—the technology and practices used to positively identify users accessing sensitive applications and confidential information and to control their access and use privileges over time. IAM systems are used in large organizations to manage access and privileges for hundreds or thousands of users over their entire identity lifecycle, from the day they join the organization, through all their moves up or down the ranks, to the day they leave. They are essential tools for ensuring that organizational information security policy is adhered to and confidential information does not make it into the hands of the wrong people.

Most large organizations already have IAM systems in place. In fact, escalating security threats and widely publicized data breaches have driven the adoption of IAM systems to unprecedented levels. In a June 2012 Security Markets Analysis (Market Analysis: Worldwide Identity and Access Management 2012-2016 Forecast: Growth Driven by Security, Cloud, and Compliance), IDC predicted that the worldwide identity and access management systems market, which reached $3.7 billion in 2010 and $4.2 billion in 2011, would grow by more than half to $6.6 billion in 2016.

The need and growth have been particularly pronounced in highly regulated, security-sensitive markets such as government, healthcare, and financial services. Many of these sectors have embraced the benefits of mobile technologies and are looking for ways to integrate them tightly with their existing IAM systems and processes so they can remain secure and compliant.

Bulletproof user authentication is particularly critical for devices that move outside the organization, across the country and around the world, where they can easily be lost, hacked, or stolen. It’s also important for devices that mix personal with organizational software and data.
According to IDC (Market Analysis: Worldwide Mobile Enterprise Security Software 2012-2016 Forecast and Analysis), mobile identity and access management is expected to grow by 27.6 percent between 2010 and 2016. Particularly important is multi-factor authentication that moves beyond user passwords, which are often mismanaged by users and easily guessed and hacked by experts, to more secure tools such as smart cards and token devices, or anything else the user has or is (such as biometrics solutions). Goode Intelligence, an analyst firm that specializes in mobile and information security, predicts that by 2014, 64 percent of multi-factor authentication sales will be mobile-based. In 2012 that number was already over 20 percent.

Mobile Challenges

The combination of BYOD and mobile device growth presents brand new challenges for user identity and access management in an organization. Until recently IT owned all the devices and software accessing confidential information and could impose tight limitations and controls on them. IT can no longer exercise such tight control over personal devices. And with the use of personal devices, the ever growing corporate perimeter has grown larger and more diffuse, defying attempts at management and control.

The challenge is to extend IAM systems to these devices safely and securely, ensuring that each and every personal mobile device user is always strongly authenticated and that his or her access to and use of corporate applications and information are strictly compliant with organizational information security policies.

Secure/Multipurpose Internet Mail Extensions (S/MIME) encryption support is also important for mobile email security. S/MIME is used widely by government and other security-sensitive organizations to secure email with robust encryption and verify senders.

It’s clear that roving users of personal mobile devices need an extra level of authentication beyond most deskbound workers using IT-supplied equipment well inside the corporate perimeter. Passwords can be useful inside the perimeter but they have numerous well-known vulnerabilities that become even more pronounced out on the road. It’s difficult to prevent users from making poor password choices that are easy to remember but just as easy and convenient for hackers or device thieves to guess, or to prevent users from using the same password for multiple personal and business accounts or writing passwords down in places that are easy to access. Poor password choices make organizations vulnerable to man-in-the-middle and other attacks that can be used to steal confidential information. Clearly, effective password management is often a major headache for most organizations.

Many organizations have turned to one-time password tokens as a solution for multi-factor authentication, adding something the user possesses to the requirement of a strong, one-time PIN or password. However, even though tokens are more effective than traditional user passwords, their management has proven to be expensive and resource intensive. They’re often inconvenient for users and are frequently lost. They sometimes lose their synchronization with the centralized identity management system they’re supposed to authenticate with, and a number of sophisticated threats and hacks have been developed over the years to overcome their security advantages.

Many enterprises have deployed smart cards to provide strong multi-factor authentication, but smart cards require smart card readers, which can be cumbersome for mobile users on the road and interfere with the quick and easy use of mobile devices required to reap their full benefits.
The Multi-Factor Solution for Personal Mobile Devices

What is needed is a strong mobile multi-factor authentication solution that integrates tightly with existing enterprise smart card management and IAM solutions, meets all the stringent needs of security and privacy regulations such as HSPD-12, FIPS, FFIEC, PCI, HITECH, and HIPAA, but is also portable, lightweight, compact, and convenient enough for users to carry and log into corporate applications quickly and easily from the road.

Ideally the authentication mechanism should be attached to the mobile device and no more inconvenient to carry home, on the road, to an Internet-enabled café, the airport, and across the globe than the mobile device itself. It should also be as user-friendly as possible so users don’t feel it interferes with the quick and easy use of their chosen, often personalized mobile devices.

Finally, any multi-factor authentication solution should be easy and cost-effective for IT to configure and manage, allowing the use of an organization’s existing standard CAC/PIV smart cards. As a mobile authentication solution it should integrate tightly with current enterprise card management and identity and access management platforms, while providing the flexibility to keep pace with evolving IAM standards as newer, improved technologies become available.

The Good Vault Solution

Good Technology™’s Good Vault™ is one of the first and most comprehensive solutions on the market for extending enterprise identity and access management to mobile and personal devices. Good Vault provides robust mobile multi-factor authentication and secure email for the most security-sensitive and regulated organizations. It perfectly balances the needs of IT managers for security and regulatory compliance, with those of executives, and other mobile users, for rapid, easy adoption.

Good Vault supports all legacy smart cards as well as Micro SD options for storing user credentials and keys and integrates tightly with Good Technology’s award-winning Good for Enterprise™ corporate messaging application. Perhaps most important of all, however, is that Good Vault has been carefully designed to provide airtight security and compliance without compromising the mobile user experience or the compact mobile form factor of typical smart phones.

Good Vault employs strong two-factor authentication, requiring each and every user to provide something he or she has—a Secure Element (SE) on a smart or Micro SD card—with something he or she knows—a personal identification number (PIN). Smart cards and secure Micro SD cards provide this secure element in highly secure crypto chips, adding hardware protection and tamper resistance to Good for Enterprise’s existing authentication platform.

Good Vault works with slim smart card and Micro SD reader sleeves that fit directly over smart phones, server-side software used by IT for administration and credential issuance and management, and an easy-to-install and configure Good Vault user application for mobile device users.

Good Vault’s smart card option supports all the major smart card standards such as CAC, PIV, PIV-I and CIV. The mobile reader, supplied by Precise Biometrics, Tactivo™, is a slim casing that fits over the iPhone 4 or 4S, adding only about a half inch in length and .22 in thickness to the device and weighing a mere 1.5 ounces. The solution complies with Apple MFi certification. FCC, CE Marking, GSA FIPS-201, and Unified Capabilities Product listing certifications are either under way or planned. The sleeve is carefully designed so it does not block the iPhone camera, even when the smart card is placed in the reader. In all, there are no compromises to the mobile form factor or user experience.
The MicroSD option also consists of small form factor cards, similar to smart cards, with embedded PKI cryptographic chips. It also uses a slim casing for the iPhone 4 or 4S and contains a slot for inserting a MicroSD card. It’s supplied by Device Fidelity through HID Identity Assurance, formerly ActivIdentity and now part of HID Global®, and it uses HID’s ActiveID Credential Management System to issue and manage the MicroSD cards for either primary or derived credentials.

The MicroSD doesn’t necessarily replace a smart card solution. It can either serve as an alternative option for primary credentials or it can be used in parallel with smart cards for derived credentials, with the smart card used as the primary credential. In such a case, new authentication and signature keys are used in the MicroSD, but the same encryption key used in the smart card is used by the MicroSD card so emails can be decrypted on both mobile and desktop devices. PIV, PIV-I and CIV formats are all supported with both primary and derived credentials on the MicroSD card.

Both hardware options also store PKI credentials for S/MIME email signing and encryption to ensure nobody on the communications link between the sender and recipient can read an email.

Good Vault is a Good Dynamics®-enabled solution. Good Dynamics is Good Technology’s secure application development platform, providing a secure container for safe access from anywhere in the world without the need for a VPN client installed on the mobile device. It includes policy management capabilities for enforcing rich and granular enterprise policies at the application level and prevents data loss with encryption of data both in transit and at rest.

While Good Vault supports two hardware solutions today, it is intended to be hardware-agnostic. Good Vault is the first product to be delivered through the Good Trust™ security platform that extends critical identity and access management capabilities like strong authentication, single sign-on, and identity federation to mobile devices and applications. Good Trust will support a wide array of authentication mechanisms, including new technologies such as biometrics, as they become available. Because Good Vault is a Good Dynamics-enabled solution, it can leverage Good Trust’s robust APIs to be extensible to these new technologies too.

The Smart Card option for authentication includes a slim device casing and a slot for inserting an identification card.

The MicroSD option also includes a slim device casing that can carry a mini-card with stored credentials.
Good Vault: strong authentication to GFE today, extensible to Good Dynamics-enabled apps.

With Good Vault, you get the best of all worlds. C-Level executives like the CISO or CIO take advantage of Secure Element technology for strong authentication and email security to protect corporate data, prevent data loss, and meet regulatory compliance requirements. IT managers can harness their existing infrastructure for PKI credentials, extending the same controls they have on the desktop to mobile users, and lowering their overall costs for identity and access management. They can also promise unmatched convenience and portability to drive quick adoption. And since the solution maintains the sleek design and usability of the phone, the mobile workforce remains productive without sacrificing security.

For mobile organizations looking to comply with the most stringent regulations and security standards, an authentication solution that harnesses a Secure Element perfectly balances the flexibility and freedom users require with the IT security controls needed to protect sensitive applications and data. A solution that maintains the mobile device form factor and user experience simplifies user adoption. Hardware-based multi-factor authentication ensures that credentials cannot be tampered with, and tight integration with current and evolving enterprise IAM platforms allows organizations to provide robust, cost-effective mobile security today as well as tomorrow. Good Vault provides such a solution, keeping enterprises safe, secure, and compliant in the changing and evolving IT environment of mobility and consumerization.

For more on Good Technology’s Good for Enterprise, visit here.
For more on Good Technology’s Good Dynamics, visit here.
For more information on Good Vault, visit here.
For more information on Good Trust, visit here.

Strong Two-factor Authentication that
• Meets stringent security standards and compliance regulations
• Preserves existing identity and access management investments
• Can evolve to other authentication mechanisms as they are available
About Good Technology

Mobility is here, and business is changing. Your employees need to be productive on devices they bring from home. And you need to provision, monitor, and secure the mobile apps and services that allow them to collaborate anytime, anywhere. It’s how people work now.

Good Technology is transforming how mobile work gets done, through secure app-to-app workflows that include integrated email, communications, document management, business intelligence, social business, wireless printing, and more. We also offer complete enterprise mobility management solutions, including device, app, data, and service management, as well as analytics and reporting. We complete our stack with professional services that include mobile deployment rollouts, BYO onboarding constructs, and platform transition consulting. Only Good offers a complete mobile solution that puts IT back in control.

All of Good Technology’s secure solutions work to keep employees productive and corporate and personal data secure and accessible. Established in 1996 and headquartered in Sunnyvale, California, Good Technology’s services are used by 4000+ major organizations worldwide, including 50 of the Fortune 100 as well as more than 4,000 enterprise customers in 90+ countries operating on over 200 carriers. Good Technology has partnerships with industry leaders including Apple, Google, LG, HTC, Microsoft, Nokia and leading systems integrators.

Want to know more? Visit good.com.

©2013 Good Technology Corporation and its related entities. All use is subject to license terms posted at www.good.com/legal. All rights reserved. GOOD, GOOD TECHNOLOGY, the GOOD logo, GOOD FOR ENTERPRISE, GOOD FOR GOVERNMENT, GOOD FOR YOU, GOOD DYNAMICS, SECURED BY GOOD, GOOD MOBILE MANAGER, GOOD CONNECT, GOOD SHARE, GOOD VAULT and GOOD DYNAMICS APPKINETICS are trademarks of Good Technology Corporation and its related entities. All third-party trademarks, trade names, or service marks may be claimed as the property of their respective owners. Good’s technology and products are protected by issued and pending U.S. and foreign patents. iPad and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries. Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions.

Global Headquarters: +1 408 212 7500 (main), +1 866 7 BE GOOD (sales)
EMEA Headquarters: +44 (0) 20 7845 5300
Asia/Pacific Headquarters: +1 300 BE GOOD
good.com