Certificate Authority GlobalSign has joined the Microsoft Intelligent Security Association. GlobalSign already integrates with Microsoft Intune endpoint management solution. It is now deepening that integration and adding additional support for Microsoft Active Directory.
Using the Simple Certificate Enrollment Protocol (SCEP) GlobalSign will provision digital certificates to mobile devices. This is done through its Public Key Infrastructure (PKI) management and automation solution. By using digital certificates, devices will be able to authenticate themselves to the network.
According to Lila Kee, General Manager, Americas, GlobalSign: “This integration is terrific news for Microsoft Intune users who now have authentication capabilities that are vital as the ever-increasing number of BYOD and corporate issued devices expand.
“By integrating with our Managed PKI solution, enterprise mobile device users can now bolster the protection of enterprise networks, data and applications. With closer scrutiny around security, this is a critical step companies can take to secure its employees’ mobile data.”
What does this mean for users and administrators?
For users, this will mean no longer having to enter usernames and passwords to access corporate resources via VPN, email and Wi-Fi clients. The latter, in particular, will boost security for mobile workers. Use of Wi-Fi in hotels, conference centres, coffee shops and public spaces increases the risk of credential theft. With this solution, even if users credentials are stolen, the lack of a valid certificate on the mobile device would make it harder for a hacker to connect to corporate resources.
Administrators also gain from this solution. The integration with both Intune and Active Directory will give them greater control over access. They can set Active Directory to automatically issue certificates to domain-joined users and devices. This will allow also allow them to limit what resources the user and device can access.
Enterprise Times: What does this mean
As the number of users who access corporate resources from outside the office increases so does risk. Risk of a breach, risk of data loss and risk to the business. Anything that can reduce that risk is to be welcomed. On the face of it, this deal will improve life for network administrators by automatically provisioning certificates to devices.
A more important benefit is that for the users. Anything that stops users from constantly having to enter their credentials can improve security. It makes it easier to enforce stronger authentication at the edge of the network.
Another benefit here is that it deals with both Bring Your Own Device and home computers. It means that network administrators can easily secure all the devices a user has. They can now do a better job of securing the constantly changing BYOD environment.
The question is how far can it go? Will GlobalSign begin to deliver certificates that can be deployed on popular IoT devices. Devices that support digital voice assistants such as Alexa, Google Assistant, Siri and Cortana are moving from home to work. The ability to secure requests from those devices for access to corporate systems is something that organisations are just starting to ask for. If Microsoft and GlobalSign can extend support here, that would be a market changer.