Protecting APIs, mobile apps and cloud services

CA Technologies announced new and updated identity-based solutions to help secure the increasing number of cloud, web and mobile applications operating in today’s open enterprise.

They also announced new mobility and API solutions aimed at accelerating mobile app development, improving application performance and delivering security and user convenience from the client to the backend.

CA’s identity and access management (IAM) solutions help ensure the right users and devices have the right access to the right data—whether the user is a developer building the latest cloud mashup or mobile app, a customer accessing his or her mobile banking application or an employee accessing a corporate cloud service.

To help organizations meet the security needs for a broad range of mobile apps—whether custom-built, vendor-provided or accessed via a Web browser—CA Technologies offers a unified Web and API security and management solution. This helps speed the development process for software engineers and optimize app performance during peak loads. Additional new application security and advanced authentication solutions help secure the app once deployed.

The CA Layer 7 API Portal makes it simple to create a branded online interface for developers so they can access all the design time resources needed to quickly discover and understand an API, and then create an application and track its usage. Designed to support partner, third-party and internal developers across multiple groups simultaneously, this solution grants each unit its own set of access and API publishing privileges — all from a single portal.

The newest release of the API portal provides important features to speed application development with the security expected by the business and customers, including:

• API discovery, interactive documentation and exploration.
• Improved and simplified API grouping and advanced packaging that allows developers to add functionality to an application with one click.
• Integration with the CA Layer 7 Mobile Access GatewayTM to easily add security to an application.

The CA Layer 7 Mobile Access Gateway simplifies the process of adapting internal data, applications and security infrastructure for mobile use. It provides a centralized way to maintain and control security and management policies for information assets exposed via APIs while delivering a consistent level of performance for the app end user. It was the first API Gateway to provide an out-of-the box security software development kit (SDK) to speed incorporating token handling and single sign-on in mobile apps for secure authorization of users, apps and devices.

New functionality for the Mobile Access Gateway includes:

• Integration of CA SiteMinder session cookies and the Mobile SDK to extend the SiteMinder SSO credentials with native mobile apps.
• Social login to enterprise mobile apps, providing convenience for the user while maintaining security and governance.
• Support for the Adobe PhoneGap cross-platform mobile development framework.
• Once a mobile app is deployed and running, another level of security is required to help ensure the right user—employing the right device at the right time from the right location—has access to approved applications.

CA Mobile Application Management (CA MAM) is a new, organically developed solution for the BYOD enterprise. CA MAM leverages CA’s innovative Smart Containerization technology to dynamically control mobile application access policies at a granular level while retaining the native app experience specific to the device or platform. Features such as geo-fencing, time-fencing, network-fencing and enhanced authentication define and enforce detailed access policies related to geographies, time of day and networks, further improving security of enterprise mobile apps.

The current release of CA Advanced Authentication complements the solutions announced today by providing a variety of strong authentication credentials and risk-based evaluation tools for mobile environments. Features in CA Advanced Authentication that make security convenient and seamless to the user include:

• An SDK that embeds strong authentication into a mobile app. With the option of leveraging a PKI or one time password (OTP) software credential, security and user convenience is greatly streamlined and improved.
• A PKI credential to provide a seamless user experience. The user simply logs in with their usual password and behind the scenes the strong authentication is taking place.
• An OTP that can be generated by CA Technologies free mobile app, or it can be delivered in the form of text message, voice message or email.

In addition to the Identity and Access Management solutions, CA Technologies also announced its CA Management Cloud for Mobility. Several of the announced IAM solutions are included in that offering, enabling end-to-end mobile security and management from development through runtime and from the device to the data center.