What choices will you have in securing mobile apps as they proliferate on edge devices of all types? Will upcoming trends in mobility itself limit your options or expand them? Get the facts in an insightful report from industry expert Edward Amoroso.
One of the great tenets of modern cybersecurity is that protections work best when tailored to the specifics of the targeted resource. This white paper provides an overview of the various mobile app security methods including per-app VPN, containers, and micro-segmentation.
Healthcare organizations increasingly recognize the role of mobile devices and applications in connecting clinicians with each other and their patients, as well as for consumers to track their personal health. The number of health apps is growing exponentially. Apps are becoming a necessity in implementing value-based, response and user-friendly care.
This white paper written by Dr. Ed Amoroso, CEO & Founder of TAG Cyber, provides an overview of a method for achieving mobile app security through the technique of code injection. You'll learn how to dynamically introduce military-grade security functions into new or existing software, without introducing new code.
Enterprises wanting to deploy mobile apps to staff, customers and other stakeholders face real security threats—especially as these apps address sensitive functions like banking and home security. How to mitigate these threats? Get answers in this insightful report from industry expert Edward Amoroso, Founder & CEO of TAG Cyber.
Written by Dr. Edward Amoroso, the former SVP & CSO of AT&T, this white paper is first in a five-part series that discusses mobile app security for IT professionals.
Blue Cedar makes it easy to integrate the necessary security controls, including BlackBerry Dynamics, into enterprise mobile apps.
Blue Cedar CEO John Aisien sits down with Information Security Media Group to discuss trends in mobile app security.
Leading bank is rapidly enabling a mobile-first transformation by driving digital adoption and providing secure access to sensitive backend systems without compromising user experience.
Blue Cedar-secured apps enable secure communication from anywhere on government and militarily compliant networks using consumer devices without device agents.
The Blue Cedar Accelerator for BlackBerry, when used with the Blue Cedar platform, automatically embeds BlackBerry Dynamics into mobile apps.
The accelerator automatically embeds security to protect and control data stored locally in Arxan-enabled apps on the device.
This accelerator embeds controls into mobile apps that allow organizations to determine how users are able to connect to enterprise networks from Arxan-enabled apps.
The Blue Cedar Accelerator for Secure Edge Data, when used with the Blue Cedar platform, automatically embeds security to protect and control app data stored locally on the device.
This accelerator automatically configures apps to create transient app-level secure micro tunnels to backend services or applications.
No. Each app uses a unique key.
Absolutely! The Blue Cedar gateway can be consumed in many ways, including on-premise, public cloud, private cloud, and hybrid cloud.
Blue Cedar is a mobile security company that was founded in 2016. We are enabling a fundamental shift from device-centric to data-centric security.
User-level malware will not affect the security of an app protected by Blue Cedar.
The Blue Cedar Gateway supports over 100,000 simultaneous connections.
Secured apps are protected by the app-specific pin. Revocation of user certificates by an administrator prevents apps on specific devices from connecting to the gateway, and from accessing data stored locally on the device. In this latter case, the encryption key is destroyed.
Mobile Device Management (MDM) is focused on securing a device. Blue Cedar focuses on securing an app and its data. These approaches are not contradictory, but complementary. We have many customers who use MDM for device security and functionality (for example, disabling the device camera, remote wipe, app distribution etc.) and simultaneously, on the same devices, secure corporate apps with Blue Cedar to enjoy the benefits only we can provide: seamless remote access, certificate-based single sign-on, etc. Blue Cedar doesn’t require an MDM, of course. Secured apps can be accessed on unmanaged devices when managing a device may be impossible or undesirable.
Both the physical and virtual gateways run on a customized, hardened Linux kernel.
Never. One of the key benefits of app-centric security is that enterprises secure and control only those apps that are used for business purposes.
The encryption key is derived from user-supplied data (a PIN) using PBKDF2. Keys are stored within the app in a Blue Cedar encrypted keystore. Blue Cedar never uses the OS keystore.
Yes, the console is exposed via RESTful API, so the process of securing an app with Blue Cedar may be automated.
Changing the PIN changes the derived key that is used to encrypt the keystore. The data-at-rest key itself, which is stored in the keystore, does not change.
Yes. Blue Cedar holds 19 patents.
One of the key benefits of an app-centric solution is that Blue Cedar security can run on any device that runs iOS or Android.
Apps can be distributed to users with existing enterprise or public app stores. Public app store support is unique to Blue Cedar, delivering a simple way to secure consumer-facing apps.
Blue Cedar protects web apps, hybrid apps, and native apps. We currently support iOS and Android, including iOS 10 and Android N. We strive for “day of release” support for new OS versions, with Windows 10 support planned for the near future.
No way. The Blue Cedar console allows apps to be secured with just a few clicks. There’s no code to write, ever. Simply upload an unsigned .ipa or .apk file to the Blue Cedar console, select policies, and the console returns a signed binary ready for deployment.
The gateway is available as a 1U physical appliance and as a virtual appliance. The virtual appliance is identical in function to the physical appliance.
For a complete list of policies, see our resources page for a data sheet. These policies control what data is encrypted, how data may be shared between apps, how users authenticate, and what devices are permitted to run Blue Cedar secured apps.
Blue Cedar secures individual mobile apps, not the device. This app-centric security means that no container or MDM agent is required on the device.
Yes, our Client Certificates policy allows you to use the certificate obtained during enrollment to login to a backend that supports client cert authentication. We can also support SAML when the IDP supports certificate authentication.
No. Blue Cedar security is transparent to end users! Any user-facing prompts injected by Blue Cedar may be customized and branded for a seamless experience.
Blue Cedar provides granular visibility into each app-specific gateway connection, including: user, device, OS level, app. This information can be forwarded to event management system or SIEM.
Yes, Blue Cedar is certified for FIPS 140-2 compliance.
Blue Cedar injects security code into an app after it has been compiled. This security enforces app-specific policy, including the ability to encrypt data at rest on the device and data in transit between the app and application server. When combined with the Blue Cedar gateway, apps secured with Blue Cedar can connect securely using a per-app microtunnel to resources that sit behind a firewall.
Yes. Consumers simply download a Blue Cedar protected app from a public app store, either Apple’s App Store or Google Play. No pre-configuration or installation of container apps or MDM profiles is required.
Blue Cedar intercepts reads and writes to disk, performing decryption and encryption automatically for any type of data. Encryption is performed using AES 256 bit encryption in XTS mode.
At Blue Cedar, we believe that security should enable mobility, not get in the way of it. We founded Blue Cedar on the principle that the app is the optimal security control point for the modern organization. Our mission is to make mobility secure, simple, and seamless.