Centrify for Mobile 2013 positions itself as more that just an mobile device management (MDM) solution by providing mobile application management (MAM) and zero sign-on for web and mobile applications. This makes it a potential solution for organizations moving to BYOD.
More importantly, Centrify for Mobile 2013 extends Microsoft Active Directory (AD) for managing secure device containers to mobile devices. It’s a familiar security solution, well entrenched inside many enterprises, which is a great selling point. The AD security can even be extended to Android devices, unlike so many other MDM and BYOD platforms that focus on iOS.
I recently had a chance to talk with Tom Kemp, CEO of Centrify, who brought me up to speed on Centrify for Mobile 2013 and their partnership with Samsung and the new Samsung KNOX mobile security software.
Inside Centrify for Mobile 2013
Centrify for Mobile 2013 is available as an on-premise solution. It’s priced at $3.00 (USD) per device, per year. This price includes technical support and access to feature updates. There is also a SaaS version, which is available at $4.00 (USD) per user, per month.
The Centrify for Mobile 2013 solution integrates mobile devices into your central group directory with a group-based security configuration and includes the following features:
- Mobile authentication services (MAS) that provide zero sign-on for mobile and web applications. It also includes a MyCentrify mobile app for Web SSO and SDK to integrate with your in-house applications.
- MAM that provides integrated mobile and web application management with role-based access control by AD users and groups. MAM also controls mobile app auto-provisioning/deprovisioning.
- Mobile container management (MCM) that enables centralized management capabilities, supporting secured containers with single sign-on access to mobile and web applications within the container. This provides BYOD users with separate work and personal environments. IT can ensure proper security over the work environment without compromising the user’s personal data and applications.
- MDM that includes a new auto-management ActiveSync device access ABQ list. It also supports the mass deployment and supervision of iOS devices, as well as new expanded support for Android and Samsung SAFE.
Centrify for Mobile 2013 as a BYOD solution
An organization could manage the full life cycle of BYOD devices — onboarding to application provisioning — with Centrify for Mobile 2013 as its sole solution. This sort of consolidation leads to cost and management savings, with the potential for a smoother workflow for BYOD users and administrators.
The benefit of single sign on (SSO) for BYOD means preserving security and user experience across a diverse set of devices. It also should save on support and training costs when onboarding BYOD users. Centrify for Mobile 2013 covers all of these bases with:
- Zero sign-on for mobile and web applications
- Support for Security Assertion Markup Language (SAML), OAuth, and OpenID standards that should cover the common security access requirements
- MyCentrify native mobile app for Web SSO, enabling one-click access to web sites
- Support for both iOS and Android devices
Centrify for Mobile 2013 also makes for solid BYOD management, because it has a central management console where administrators can manage the following:
- Intranet apps (inside the firewall)
- SaaS web apps (outside the firewall)
- Consumer mobile apps
- Custom mobile apps
- Enterprise app catalog that includes all the corporate-approved mobile apps
MAM also extends to the auto-provisioning/deprovisioning of mobile apps that enables:
- Enterprise app catalog for corporate-approved mobile apps
- Mobile apps deployment for automatic install to devices
- Automated provisioning via MDM controls for centralized management and deprovisioning of the unenrollment of BYOD devices
Perhaps the biggest news out of my call with Centrify with the most implications for BYOD is the release of the Samsung KNOX, a new Android security software for select Samsung handsets. KNOX includes technologies generally available in Centrify for Mobile 2013, including:
- Container technology that separates personal data from corporate apps and data
- Centrify-enabled multi-application SSO for mobile and web apps in the Samsung KNOX secure containers
- AD management over KNOX containers and devices
- Role-based access to applications
This kind of onboard security is the future, as BYOD continues to grow in popularity. Companies will naturally gravitate to security solutions as a prerequisite for BYOD devices. This time next year, I expect to see more mobile handset/security firm partnerships with competing on-device and backend security solutions.
Centrify for Mobile 2013 — with its promise of SSO, AD integration, and management tools — definitely qualifies as a backend solution for a BYOD initiative. This is a real unique mix, in my opinion, and being able to use an existing AD infrastructure that’s already familiar to decision makers and IT staff could compensate for uncertainties on the device security side that might occur along the way to full BYOD implementation.
TechRepublic and ZDNet delve deeper into this topic in a special report page: BYOD and the Consumerization of IT.