
Managing security on mobile devices through mobile certificate management

The pandemic accelerated the need for certificate management to enable authentication, encryption, and digital signature from mobile devices

By Vinay Purohit
December 16, 2020

Mobile devices are part and parcel of today’s increasingly distributed workforce. Laptops, smartphones, and tablets are provisioned by enterprises to increase employee productivity, while providing flexibility to work remotely. But when the pandemic struck, security teams across industries were challenged by the unprecedented speed and scale of the shift; prior to the pandemic, only 7% of U.S. workers had the option to regularly work from home, while today 42% of the U.S. labor force works from home full-time.

This disruption created great strain for IT security teams. Almost overnight, employees needed to be productive in a work-from-home reality where they were connecting to company networks, cloud applications, and email through potentially unsecured Wi-Fi networks. This challenge was compounded by the increase in employee BYOD devices, as already-overworked IT teams raced to ensure only authorized devices could connect to corporate assets. In turn, they have leaned into mobile device management (MDM), a type of security software to manage employee mobile devices. But still, gaps remain. 

In today’s increasingly work-from-home paradigm, security teams need a simple way to manage certificates across multiple MDM platforms, and in some cases no MDMs, so that employees can productively access company networks, applications, and email.

 

Certificates secure identities across myriad devices

Public key infrastructure (PKI)-based certificates are the gold standard for digital signature and encryption, and serve as a strong and productive method of authentication for the array of mobile devices your workforce is using.

Digital certificates provide stronger security than passwords and are easier to use than one-time-password authentication. Passwords are easily stolen and costly to maintain; according to Gartner, between 20% and 50% of all help desk calls are for password resets. MFA was once heralded as a security panacea, but today the FBI warns against MFA.

Conversely, digital certificates offer the strongest form of identity authentication and are an important part of Zero Trust architecture, a model of security where trust is never granted implicitly and must be continually evaluated. In fact, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) recently named PKI a core component of Zero Trust architecture.

When the private key paired with the certificate is stored in a secure enclave, it cannot be duplicated in another device, ensuring only authorized devices can access corporate resources. With a password or OTP approach, you cannot be sure it is an authorized device. The user certificate, when paired with the device biometric or PIN, authenticates the user identity across all of the user’s devices for invisible, yet secure, access to corporate resources over EAP-TLS, Wi-Fi or TLS Web Browser sessions.

 

IT teams rely on traditional MDM solutions, but they remain complex and inadequate

IT departments use traditional MDM software to monitor, manage, and secure employees’ many devices, from laptops to tablets to mobile phones. A large enterprise may use multiple MDM vendors. In an emergency, such as when quantum computing compromises an RSA-2048 key, the enterprise would need to run reports from all of its MDMs to identify and replace compromised certificates. For end-to-end email encryption, a user needs the same private encryption key history on all of their devices. Another scenario where traditional MDMs fall short is where enterprises have employees who are contractors from other companies and cannot install an MDM on their devices. These same people need to access enterprise systems and therefore need digital certificates on their mobile devices.


Caption: “Mobile Certificate Management” software can be used to securely protect communications across a wide assortment of mobile devices. Photo courtesy of Sectigo.

 

Heterogeneous ecosystems warrant automation and single-pane-of-glass certificate lifecycle management

Relying on key management portals across multiple MDM and CA vendors is a labor-intensive process that drains already-lean IT resources. Consider the case of Secure/Multipurpose Internet Mail Extensions (S/MIME) certificates. These certificates require that the same keys be distributed across the multiple devices an employee may be using for email, and they require significant IT manpower to deploy, manage, and store the user keys on those devices.

To secure today’s expanding ecosystem of devices, IT teams need a system that provides both digital certificates and visibility into the full lifecycle of the certificates and keys in their environment. A single-pane-of-glass platform gives IT teams the power to automate certificate management — from discovery to configuration, provisioning to renewal and revocation — using standards like Simple Certificate Enrollment Protocol (SCEP) and Enrollment over Secure Transport (EST), all in a single dashboard. With the right certificate management platform, adherence to these standards is made easy in one centralized interface.

IT teams today are working hard to keep pace with an ever-evolving enterprise ecosystem and threat landscape. At the same time, they must ensure uninterrupted and trusted access from a host of devices to the applications and services that employees require to do their jobs. The diversity of connected devices requires a simplified, automated approach to overseeing digital certificates to prevent gaps in service delivery. With centralized certificate management platforms, administrators can eliminate service disruptions through a dashboard that enables visibility into certificates, their expiration dates, and cryptographic strength, with a single glance.
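The cross-MDM checks described in this article (finding every certificate affected by a compromised key type, spotting upcoming expirations, and confirming that a user's S/MIME keys match on all devices) can be sketched as follows. This is an added example, not code from the author or from any MDM or certificate management product; the two exports, their field names, and all values are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample exports from two hypothetical MDM platforms; the field
# names and values are assumptions for this example, not any vendor's schema.
MDM_A = [
    {"user": "alice", "device": "alice-phone", "purpose": "smime", "alg": "RSA", "bits": 2048, "not_after": "2021-06-30", "fp": "a1"},
    {"user": "alice", "device": "alice-phone", "purpose": "wifi", "alg": "EC", "bits": 256, "not_after": "2021-01-05", "fp": "a2"},
    {"user": "bob", "device": "bob-tablet", "purpose": "smime", "alg": "RSA", "bits": 4096, "not_after": "2022-03-01", "fp": "b1"},
]
MDM_B = [
    {"user": "alice", "device": "alice-laptop", "purpose": "smime", "alg": "RSA", "bits": 2048, "not_after": "2021-06-30", "fp": "a1"},
    {"user": "bob", "device": "bob-laptop", "purpose": "smime", "alg": "RSA", "bits": 4096, "not_after": "2022-09-01", "fp": "b9"},
]

def merge(**exports):
    """Combine per-MDM exports into one inventory, recording the source MDM."""
    seen, inventory = set(), []
    for source, records in exports.items():
        for rec in records:
            key = (rec["device"], rec["fp"])
            if key not in seen:  # skip a certificate reported twice for one device
                seen.add(key)
                inventory.append({**rec, "source": source})
    return inventory

def affected_by(inventory, alg, max_bits):
    """Certificates to replace if `alg` keys up to `max_bits` are no longer trusted."""
    return [r for r in inventory if r["alg"] == alg and r["bits"] <= max_bits]

def expiring(inventory, today, within_days):
    """Certificates already expired or expiring within the window."""
    return [r for r in inventory
            if (date.fromisoformat(r["not_after"]) - today).days <= within_days]

def smime_key_mismatches(inventory):
    """Users whose devices do not all hold the same set of S/MIME keys."""
    per_device = defaultdict(lambda: defaultdict(set))
    for r in inventory:
        if r["purpose"] == "smime":
            per_device[r["user"]][r["device"]].add(r["fp"])
    return sorted(u for u, devs in per_device.items()
                  if len({frozenset(fps) for fps in devs.values()}) > 1)

if __name__ == "__main__":
    inv = merge(mdm_a=MDM_A, mdm_b=MDM_B)
    today = date(2020, 12, 16)  # fixed date so the output is reproducible
    print([(r["device"], r["fp"]) for r in affected_by(inv, "RSA", 2048)])
    print([(r["device"], r["fp"]) for r in expiring(inv, today, 30)])
    print(smime_key_mismatches(inv))
```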


Vinay Purohit is Director of Product Management at Sectigo, a provider of automated digital identity management and web security solutions. With more than 20 years of software development and managing cybersecurity products, Vinay leads the company’s innovations around PKI, DevOps, Mobile, and Cloud security. Before Sectigo, he was with Entrust and Nokia Software. He has an Engineering degree in computer science.

 
