Secure mobility agnosticism - device, reader, app & card independence

Thursby PKard offers secure mobility choices

A new breed of enterprise software has emerged over the past two to three years attempting to layer management onto enterprise mobile usage, with a flood of new and some older acronyms and buzzwords including –

  • MDM (Mobile Device Management)
  • MAM (Mobile App Management)
  • MAS (Mobile App Store Management)
  • Mobile SDK (Software Development Kits)
  • Mobile wrappers
  • Mobile containers
  • NOC (Network Operations Centers)

The focus is device or app management, with few if any strong security choices beyond consumer grade passwords, OTA pass codes or soft tokens, all of which offer weak resistance to identity fraud, tampering, counterfeiting and exploitation.

Thursby's US built, supported and royalty free PKard Toolkit is focused on data management with strong security, offering a wide degree of choices --

  • Device agnostic - Apple or Android. tablets or smart phones
  • Card reader agnostic - multiple readers in multiple form factors supported
  • Card type agnostic  - CAC, CAC Dual Persona, PIV, PIV-I and other popular smart card types
  • App agnostic  - access to reader hardware and cards is coordinated across multiple apps from Thursby, commercial third parties, or custom in-house apps
  • Authentication method agnostic - including smart cards and derived certificates (where permitted)

The PKard Toolkit enabled apps can run standalone for BYOD or be integrated with the enterprise tools above for enterprise furnished equipment.

 

Postscript

In the Bible story of David and Goliath, revered by Jews, Christians and Muslims alike, the shepherd David kills the giant soldier Goliath with a sling, aptly illustrating that the security of Goliath was only as strong as the weakest element in his armor -- his helmet left his forehead exposed to an accurate slingshot strike.

The Hindu Bible, the Gita, or "Song Celestial", describes a war battle between "good" and "evil" armies.   In simple terms, the "evil" Kuaravas choose to have countless weak soldiers since it seems to be a good approach in theory.   The "good" Pandavas  have just a few strong soldiers  ... and win.   Strong security is like that, better to have a few strong elements than countless weak "marketing bullet points" like checking the browser type, the time, the location, the password, or sending the pass code over insecure web, email, SMS or voice.  Strong security is often already in-use in highly regulated organizatons and need only be applied more widely, whether to mobile, to cloud, or other types of user groups such as partners, or customers.