Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:00 AM
Dark Reading
Dark Reading
Products and Releases


Extends Enterprise Apps to Any User Over Any Network, Blocking #1 Data Breach Attack Vector

PITTSBURGH – April 22, 2015 – Certes Networks, a leading innovator in security solutions to protect networked applications, today announced CryptoFlow Mobile’s security app is available on the App Store.

Certes’ CryptoFlow Solutions permit enterprise security managers and IT managers to safely extend any enterprise application to any authorized user over any network.

CryptoFlows dramatically simplify how networked applications are protected and accessed, permitting automatic role-based user access to sensitive applications while blocking the number one attack vector in recent major data breaches.

CryptoFlows now support the iPhone, iPad and iPad mini. The CryptoFlow automatic configuration app on the App Store enables enterprises to roll out safe applications to mobile employees including those using personal devices in a BYOD setting.

Using CryptoFlows for iPhone, iPad or iPad mini first requires an enterprise to deploy CryptoFlow Solutions from Certes Networks. To extend enterprise applications to these Apple devices, users simply download the CryptoFlow app to conduct a one-time registration of their device with the corporate CryptoFlow Solutions installation.  From then on, protected access to enterprise applications is automatic, requiring no user configuration to remain secure.

CryptoFlows are application-aware and enable IT managers to designate specific applications to be extended to users while tightly controlled how applications are accessed with a single point of control. The solutions are user-aware because they are automatically synced with the enterprise directory. User access to apps is based on each user’s role and security profile. Users can enroll their device with the same corporate credentials they use for enterprise applications.

Traditional per-application VPNs rely on device software to enforce which applications get access to the VPN and then to corporate networks. Then the user of that device has full access past the firewalled perimeter, a situation that has led to the highest profile and most damaging data breaches of recent years.

In contrast, CryptoFlows enforce the user-application access at CryptoFlow enforcement points in the enterprise network and don't rely on client side validation. The enterprise security managers and IT managers control all access, algorithms, keys and other parameters for all users from one central point.

By aligning mobile application access with the role-based security profile, enterprises keep hackers from gaining access to sensitive enterprise data. Sensitive applications are safe even if hackers get past firewalls or other security controls. This blocks the number one attack vector that has caused massive data breaches around the world in the last two years.

Benefits of CryptoFlows include:

·         Simple enforceable security for any enterprise application to user end-points, with one central point of control.

·         Automatic configuration and VPN activation. No chance for user error or end-runs around security.

·         No reliance on third-party app security that contains vulnerabilities and is out of the enterprise’s control.

·         Strong encryption of all data traffic completely independent of the firewalls and network devices, resulting in security without performance degradation.

·         Faster and broader rollout of new enterprise applications because of simpler, one-and-done security of data traffic.

·         Reduced temptation for users to turn to “Shadow IT” because authorized, secure applications are available and accessible earlier.

Learn more at CertesNetworks.com or visit Certes in Booth S2816 at RSA 2015.

About Certes Networks

Certes Networks protects data in motion. The company’s award-winning CryptoFlowSolutions safeguard data traffic in physical, virtual and Cloud environments, enabling secure connectivity over any infrastructure without compromising network device or application performance. Companies around the world rely on network encryption products from Certes Networks to protect data, accelerate application deployment, simplify network projects, reduce compliance costs, and improve the return on investment in IT infrastructure. For more information, visit certesnetworks.com.

Apple, iPhone, iPad, and iPad mini are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...