mobile security suite
Smartphones are replacing traditional mobile phones and often company users prefer to use their personal smartphone instead of the one provided by their company.
So companies are facing a totally new scenario which is rapidly changing: while the introduction of these devices may weaken the corporate security perimeter, on the other hand it opens important perspectives for the integration of a smartphone in the companies production processes.
Nowadays a smartphone has almost the functionalities of a traditional computer but being a replacement for a cell phone already present in the company, it is rarely included in the production line with an approach that fully protects the security of data exchanged with it.
ZEROPIU faces these new challenges with a product suite: ZEROPIU Mobile Security Suite (MSS).
MSS is able to comply with the current enterprise security standards and to deal with the flexible and functional environment of the new smartphone’s generation. Its main goal is to guarantee the security of the enterprise applications hosted on smartphones and tablets offering also single-sign-on and strong authentication features and can be used in B2E and B2C scenarios as well.
MSS is already available for iOS and Android devices, for a complete list of its available and upcoming functionalities please download the MSS brochure.
ZEROPIU named "COOL VENDOR" by Gartner Research
Vendors Selected for the "Cool Vendor" Report Recognized for Being "Innovative, Impactful and Intriguing"
Why Cool: Zeropiu has developed a mobile security platform enabling enterprises to provide their mobile devices users a secure access to corporate systems... read more
To integrate applications in a single-sign-on environment just by means of proxies or web based agents could address only one part of the issues related to the users’ authorization. Usually in a J2EE environment the authentication/authorization process is implemented by the application server so you need to make it aware of user identity and profile, integrating the single-sign-on environment also at application server level.
ZASA is the key component enabling the rapid integration of leading application servers security system with the whole CA eTrust SiteMinder suite.
A typical use case is a 2-tiers application, with front end web servers and its business logic running on application servers, which needs to be integrated in an Identity ed Access Management platform based on the CA eTrust products suite.
The front end web servers can be easily integrated through the standard CA eTrust SiteMinder Web Agents but not the business logic security which relies on the application servers.
To integrate them you need to bring the users’ authentication and roles at the application server level and this is the job of a so called Application Server Agent, this is the job of ZASA.
ZASA is able to validate the user identity through the CA eTrust SiteMinder cookie (provided by the SiteMinder Web Agent installed on front end web servers), get user’s profile and use them to build the user’s j2ee principal.
Then you could use the ZASA authorization module or the application server security system to handle the application authorization process.
There are other Application Server Agents available in the market but let us add another quite common detail to the above use case: the IAM platform relies on Microsoft Active Directory for users’ authentication but the profiling information are acquired by a different LDAP system.
Just this detail is enough to make ZASA the only product of choice.
The Italian Guarantor for Privacy with the measure dated 27 November 2008 introduced a legislation aimed at regulating the activities of system administrators in order to ensure a higher standard of security for personal data.
The requirements are mandatory for all owners of the processing of personal data (companies, organizations, central government and local administrations) that are not affected by the previous misure di semplificazione (simplification measure).
The IT professionals involved are:
- System administrators
- Data Base administrators
- Network administrators
- Administrators of complex applications
To comply with the measure of the Guarantor is necessary to address both technological and organizational aspects as well: partial solutions imply costs and do not solve the problem.
- Support for the organizational processes involved in the regulation
- Realize an efficient and safe collection of the access logs from all the sources
- Build a log repository providing the tools to analyze the stored data in order to achieve high security standards
SA-monitor provides a platform for addressing all security requirements relating to groups of privileged users within the company characterized by a high level of operational discretion.
The control over the AdS (Amministratori di Sistema - System Administrators) is not, in fact, only relevant for the protection of personal data but also for the safety of different sets of business-critical corporate data.
SA-monitor is a platform that can integrate all the technological environments and applications of today and tomorrow.
SA-Monitor is a complete solution for the system administrators management , in total conformity with the Measure dated 27 November 2008 by the Italian Authority for Privacy.