Welcome!

News Feed Item

CA Technologies Announces New Security Solutions to Protect APIs, Mobile Apps and Cloud Services from Development to Runtime

CA Technologies (NASDAQ:CA) today announced new and updated identity-based solutions to help secure the increasing number of cloud, web and mobile applications operating in today’s open enterprise.

The new mobility and API solutions announced today accelerate mobile app development, improve application performance and deliver security and user convenience from the client to the backend.

“The expansion of mobile and cloud use and the growth in API adoption has opened the enterprise and further complicated the security challenge of balancing business enablement with business protection,” said Mike Denning, senior vice president and general manager, Security business, CA Technologies. “CA is the only company that can protect data and applications operating in today’s open enterprise from development through runtime and from device to data center.”

According to a recent report, “Forrester predicts that in 2014, mobile and cloud adoption will continue to drive identity and access management (IAM) toward application programming interface (API) management.”*

CA’s identity and access management (IAM) solutions help ensure the right users and devices have the right access to the right data—whether the user is a developer building the latest cloud mashup or mobile app, a customer accessing his or her mobile banking application or an employee accessing a corporate cloud service.

“At Orlando Utilities Commission (OUC), we are putting our data to work for us in the form of APIs to better serve our customers,” said George Delacova, Solution Architect, for OUC—The Reliable One, the second largest municipal utility in Florida. “By securely opening our data as APIs to trusted payment partners, our customer portal and our interactive telephone system, we now have applications that can receive a customer payment and get a customer’s power up and running within minutes. Working with CA Technologies to manage and secure those APIs is critical to our ability to put the customer first and deliver the best experience.”

Securing the Mobile Enterprise with Unmatched User Convenience

To help organizations meet the security needs for a broad range of mobile apps—whether custom-built, vendor-provided or accessed via a Web browser—CA Technologies offers a unified Web and API security and management solution. This helps speed the development process for software engineers and optimize app performance during peak loads. Additional new application security and advanced authentication solutions help secure the app once deployed.

According to Forrester Research, Inc., “Development shops are just starting to grapple with the biggest change to system architecture since the rise of client/server in the early 1990s: omnichannel clients deployed on smartphones, tablets, and other connected devices. The mobile-first focus these organizations adopt forces application architects to think differently about the APIs clients use to access data and functionality.”**

The CA Layer 7 API Portal makes it simple to create a branded online interface for developers so they can access all the design time resources needed to quickly discover and understand an API, and then create an application and track its usage. Designed to support partner, third-party and internal developers across multiple groups simultaneously, this solution grants each unit its own set of access and API publishing privileges — all from a single portal. The newest release of the API portal provides important features to speed application development with the security expected by the business and customers, including:

  • API discovery, interactive documentation and exploration.
  • Improved and simplified API grouping and advanced packaging that allows developers to add functionality to an application with one click.
  • Integration with the CA Layer 7 Mobile Access GatewayTM to easily add security to an application.

The CA Layer 7 Mobile Access Gateway simplifies the process of adapting internal data, applications and security infrastructure for mobile use. It provides a centralized way to maintain and control security and management policies for information assets exposed via APIs while delivering a consistent level of performance for the app end user. It was the first API Gateway to provide an out-of-the box security software development kit (SDK) to speed incorporating token handling and single sign-on in mobile apps for secure authorization of users, apps and devices. New functionality for the Mobile Access Gateway includes:

  • Integration of CA SiteMinder® session cookies and the Mobile SDK to extend the SiteMinder SSO credentials with native mobile apps.
  • Social login to enterprise mobile apps, providing convenience for the user while maintaining security and governance.
  • Support for the Adobe PhoneGap cross-platform mobile development framework.

Once a mobile app is deployed and running, another level of security is required to help ensure the right user—employing the right device at the right time from the right location—has access to approved applications.

CA Mobile Application Management (CA MAM) is a new, organically developed solution for the BYOD enterprise. CA MAM leverages CA’s innovative Smart Containerization™ technology to dynamically control mobile application access policies at a granular level while retaining the native app experience specific to the device or platform. Features such as geo-fencing, time-fencing, network-fencing and enhanced authentication define and enforce detailed access policies related to geographies, time of day and networks, further improving security of enterprise mobile apps.

The current release of CA Advanced Authentication complements the solutions announced today by providing a variety of strong authentication credentials and risk-based evaluation tools for mobile environments. Features in CA Advanced Authentication that make security convenient and seamless to the user include:

  • An SDK that embeds strong authentication into a mobile app. With the option of leveraging a PKI or one time password (OTP) software credential, security and user convenience is greatly streamlined and improved.
  • A PKI credential to provide a seamless user experience. The user simply logs in with their usual password and behind the scenes the strong authentication is taking place.
  • An OTP that can be generated by CA Technologies free mobile app, or it can be delivered in the form of text message, voice message or email.

“Customer convenience has become a key business advantage. The easier a transaction is, the happier the customer,” said Vincenzo Pompa, CEO of PosteCom, the IT and eBusiness innovation company of Poste Italiane. “For convenience sake, it’s important for Poste Italiane to offer mobile options to our customers for a variety of services, but we need to do it securely. Our collaboration with CA Technologies to engage our customers on their mobile devices and protect online transactions is important for innovating and growing our business.”

In addition to the Identity and Access Management solutions announced today, CA Technologies also announced its CA Management Cloud for Mobility. Several of the IAM solutions announced today are included in that offering, enabling end-to-end mobile security and management from development through runtime and from the device to the data center.

CA Technologies is demonstrating its IAM portfolio at RSA Conference USA 2014 in booth 2709. In addition, representatives are speaking at the CSA Summit, and the company is hosting an API workshop.

Supporting Facts, Stats on the Open Enterprise

  • The issue of mobile app creation and security is at the top of senior IT leaders’ agendas. In a recent global study, more than one third of respondents acknowledged that security and privacy concerns around mobility are their number one challenges. At the same time, the study showed that 63 percent of respondents view mobile apps for customers or employees as their number one priority.***
  • 451 Research “believes that a conservative estimate of the revenue generated by cloud vendors in 2012 was $5.7 billion, and the market will grow at a CAGR of 36 percent to reach $19.5 billion in 2016.”****
  • The number of APIs has grown to over 11,000, up from 9,000 as reported on April 30, 2013.
  • Overall app use in 2013 posted 115 percent year-over-year growth (Flurry Analytics).

*Predictions 2014: Identity And Access Management, Forrester Research, Inc., January 7, 2014

**The Forrester Wave™: API Management Platforms, Q1 2013, Forrester Research, Inc., February 5, 2013

***Enterprise Mobility–It’s All About the Apps, TechInsights, November 2013

****Cloud Computing Overview Report 2013, 451 Research, Yulitza Peraza and Greg Zwakman, August 2013

About CA Technologies

CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. Learn more about CA Technologies at www.ca.com.

Follow CA Technologies

Twitter
Social Media Page
Press Releases

Legal Notices

Copyright © 2014 CA. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterprise adopting a hybrid or public cloud needs systems and tools that provide: Agility: ability to deliver applications and services faster, even in complex hybrid environments Easier manageability: enable reliable connectivity with complete oversight as the data center network evolves Greater efficiency: eliminate wasted effort while reducing errors and optimize asset utilization Security: imple...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, will discuss how by using...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
The session is centered around the tracing of systems on cloud using technologies like ebpf. The goal is to talk about what this technology is all about and what purpose it serves. In his session at 21st Cloud Expo, Shashank Jain, Development Architect at SAP, will touch upon concepts of observability in the cloud and also some of the challenges we have. Generally most cloud-based monitoring tools capture details at a very granular level. To troubleshoot problems this might not be good enough.
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japanese Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ruby Development Inc. builds new services in short period of time and provides a continuous support of those services based on Ruby on Rails. For more information, please visit https://github.com/RubyDevInc.
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere. In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats th...
First generation hyperconverged solutions have taken the data center by storm, rapidly proliferating in pockets everywhere to provide further consolidation of floor space and workloads. These first generation solutions are not without challenges, however. In his session at 21st Cloud Expo, Wes Talbert, a Principal Architect and results-driven enterprise sales leader at NetApp, will discuss how the HCI solution of tomorrow will integrate with the public cloud to deliver a quality hybrid cloud e...
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Is advanced scheduling in Kubernetes achievable? Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, will answer these questions and demonstrate techniques for implementing advanced scheduling. For example, using spot instances ...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/.