Employees are no longer chained to desktop machines confined within the corporate firewall. Thus, it is imperative that enterprises can trust the data and applications on their employees’ mobile devices. To tackle this, mobile device management (MDM) platforms have emerged to remotely provision, manage applications, track inventory, and enforce organization policies to secure corporate information.
Such device management capabilities have helped companies keep mobile devices secure while keeping the workforce flexible and productive. To bolster device security, MDM platforms support digital certificates. Savvy enterprises can optimize their MDM investment and gain efficiency by getting certificates on mobile devices as well as revoking them when necessary.
What is a Digital Certificate?
A digital certificate (also known as an identity certificate or public key certificate) is an electronic credential that can prove the authenticity of a user, device, server, or website. It uses PKI (public key infrastructure) to allow individuals and organizations to communicate and securely exchange data.
A digital certificate contains a public key and the identity of the owner and is issued by certification authorities (CAs), thus verifying the identity of a device or user that is requesting access. To ensure validity, the public key should match the corresponding private key of the recipient. A digital certificate contains the following information –
Organization or department name
IP address or serial number of a device
The public key associated with the certificate
Validity of the certificate
The algorithm used to sign the certificate
Benefits of Digital Certificates
Reliable. They cannot be tricked or faked since they are issued by publicly trusted CAs.
Easy setup. Digital certificates support laptops, tablets, and mobile smartphone operating systems. Set up and installation does not require extensive IT support.
Security. Enterprise networks and software applications (e.g., VPN, email, and website secure access through SSL) support digital certificates.
Better UX. They provide a better user experience on mobile devices compared to typing usernames and passwords.
Scalable. Digital certificates can be used across multiple devices and operating systems for small and large businesses, managing and securing numerous devices.
Why Do Digital Certificates Matter for Managing Devices?
Most IT leaders agree that usernames and passwords alone aren’t sufficient for enterprises to protect their IT assets. Digital certificates are time-tested for successfully securing data and networks. Their foundation in public key encryption technology makes them an excellent option for strong authentication and adds an extra layer of security. Organizations can use digital certificates to authenticate user access for protecting VPNs, Wi-Fi, and other applications.
Mobile devices and operating systems support digital certificates well. The predominant applications using digital certificates on mobile devices include VPN, Wi-Fi, email, and websites. Mainly, digital certificates can be delivered by most enterprise mobile device management platforms. The commonly used certificates are –
Certificate Authority (CA) Certificate. A CA is a digital certificate issued by a certificate authority. CAs create digital certificates by verifying the details of a user’s or organization’s identity. This certificate ensures that the certificate owner can attach their digital certificate to their public key and send it directly to the receiver instead of to a central site, eliminating the “man-in-the-middle” attacks.
Chained Certificate. CA hierarchies are reflected in certificate chains. A certificate chain traces a path of certificates from a branch in the hierarchy to the root of the hierarchy.
Identity Certificate. These digital certificates are used by apps or browsers to identify users and are utilized in Certificate-Based Authentication.
Certificate Management with Scalefusion MDM
Adding MDM certificates
IT admins can upload the required MDM certificates and distribute them to managed devices. Follow the steps to add certificates using Scalefusion –
Navigate to Device Profiles and Policies > Certificate Management
Click on Upload Certificate
Enter a certificate name and select files; Click Save. Follow the same steps to add multiple certificates.
Note – Scalefusion supports PKCS12(.p12) and PKCS1(cer, pem) files.
Distributing MDM certificates
The uploaded certificates can be distributed on the device profiles or to the respective mobile devices.
Select the policy and click on the three-dot menu under Actions; Click Publish
Select the profile(s) or mobile devices that need the certificates; Click Publish
To secure today’s expanding ecosystem of mobile devices, IT teams need an efficient way to distribute digital certificates and gain visibility into the organization’s device environment. Using a mobile device management platform can simplify the deployment experience of digital certificates as well as provide additional security over mobile devices.