Welcome!

News Feed Item

CA Technologies Announces New Security Solutions to Protect APIs, Mobile Apps and Cloud Services from Development to Runtime

CA Technologies (NASDAQ:CA) today announced new and updated identity-based solutions to help secure the increasing number of cloud, web and mobile applications operating in today’s open enterprise.

The new mobility and API solutions announced today accelerate mobile app development, improve application performance and deliver security and user convenience from the client to the backend.

“The expansion of mobile and cloud use and the growth in API adoption has opened the enterprise and further complicated the security challenge of balancing business enablement with business protection,” said Mike Denning, senior vice president and general manager, Security business, CA Technologies. “CA is the only company that can protect data and applications operating in today’s open enterprise from development through runtime and from device to data center.”

According to a recent report, “Forrester predicts that in 2014, mobile and cloud adoption will continue to drive identity and access management (IAM) toward application programming interface (API) management.”*

CA’s identity and access management (IAM) solutions help ensure the right users and devices have the right access to the right data—whether the user is a developer building the latest cloud mashup or mobile app, a customer accessing his or her mobile banking application or an employee accessing a corporate cloud service.

“At Orlando Utilities Commission (OUC), we are putting our data to work for us in the form of APIs to better serve our customers,” said George Delacova, Solution Architect, for OUC—The Reliable One, the second largest municipal utility in Florida. “By securely opening our data as APIs to trusted payment partners, our customer portal and our interactive telephone system, we now have applications that can receive a customer payment and get a customer’s power up and running within minutes. Working with CA Technologies to manage and secure those APIs is critical to our ability to put the customer first and deliver the best experience.”

Securing the Mobile Enterprise with Unmatched User Convenience

To help organizations meet the security needs for a broad range of mobile apps—whether custom-built, vendor-provided or accessed via a Web browser—CA Technologies offers a unified Web and API security and management solution. This helps speed the development process for software engineers and optimize app performance during peak loads. Additional new application security and advanced authentication solutions help secure the app once deployed.

According to Forrester Research, Inc., “Development shops are just starting to grapple with the biggest change to system architecture since the rise of client/server in the early 1990s: omnichannel clients deployed on smartphones, tablets, and other connected devices. The mobile-first focus these organizations adopt forces application architects to think differently about the APIs clients use to access data and functionality.”**

The CA Layer 7 API Portal makes it simple to create a branded online interface for developers so they can access all the design time resources needed to quickly discover and understand an API, and then create an application and track its usage. Designed to support partner, third-party and internal developers across multiple groups simultaneously, this solution grants each unit its own set of access and API publishing privileges — all from a single portal. The newest release of the API portal provides important features to speed application development with the security expected by the business and customers, including:

  • API discovery, interactive documentation and exploration.
  • Improved and simplified API grouping and advanced packaging that allows developers to add functionality to an application with one click.
  • Integration with the CA Layer 7 Mobile Access GatewayTM to easily add security to an application.

The CA Layer 7 Mobile Access Gateway simplifies the process of adapting internal data, applications and security infrastructure for mobile use. It provides a centralized way to maintain and control security and management policies for information assets exposed via APIs while delivering a consistent level of performance for the app end user. It was the first API Gateway to provide an out-of-the box security software development kit (SDK) to speed incorporating token handling and single sign-on in mobile apps for secure authorization of users, apps and devices. New functionality for the Mobile Access Gateway includes:

  • Integration of CA SiteMinder® session cookies and the Mobile SDK to extend the SiteMinder SSO credentials with native mobile apps.
  • Social login to enterprise mobile apps, providing convenience for the user while maintaining security and governance.
  • Support for the Adobe PhoneGap cross-platform mobile development framework.

Once a mobile app is deployed and running, another level of security is required to help ensure the right user—employing the right device at the right time from the right location—has access to approved applications.

CA Mobile Application Management (CA MAM) is a new, organically developed solution for the BYOD enterprise. CA MAM leverages CA’s innovative Smart Containerization™ technology to dynamically control mobile application access policies at a granular level while retaining the native app experience specific to the device or platform. Features such as geo-fencing, time-fencing, network-fencing and enhanced authentication define and enforce detailed access policies related to geographies, time of day and networks, further improving security of enterprise mobile apps.

The current release of CA Advanced Authentication complements the solutions announced today by providing a variety of strong authentication credentials and risk-based evaluation tools for mobile environments. Features in CA Advanced Authentication that make security convenient and seamless to the user include:

  • An SDK that embeds strong authentication into a mobile app. With the option of leveraging a PKI or one time password (OTP) software credential, security and user convenience is greatly streamlined and improved.
  • A PKI credential to provide a seamless user experience. The user simply logs in with their usual password and behind the scenes the strong authentication is taking place.
  • An OTP that can be generated by CA Technologies free mobile app, or it can be delivered in the form of text message, voice message or email.

“Customer convenience has become a key business advantage. The easier a transaction is, the happier the customer,” said Vincenzo Pompa, CEO of PosteCom, the IT and eBusiness innovation company of Poste Italiane. “For convenience sake, it’s important for Poste Italiane to offer mobile options to our customers for a variety of services, but we need to do it securely. Our collaboration with CA Technologies to engage our customers on their mobile devices and protect online transactions is important for innovating and growing our business.”

In addition to the Identity and Access Management solutions announced today, CA Technologies also announced its CA Management Cloud for Mobility. Several of the IAM solutions announced today are included in that offering, enabling end-to-end mobile security and management from development through runtime and from the device to the data center.

CA Technologies is demonstrating its IAM portfolio at RSA Conference USA 2014 in booth 2709. In addition, representatives are speaking at the CSA Summit, and the company is hosting an API workshop.

Supporting Facts, Stats on the Open Enterprise

  • The issue of mobile app creation and security is at the top of senior IT leaders’ agendas. In a recent global study, more than one third of respondents acknowledged that security and privacy concerns around mobility are their number one challenges. At the same time, the study showed that 63 percent of respondents view mobile apps for customers or employees as their number one priority.***
  • 451 Research “believes that a conservative estimate of the revenue generated by cloud vendors in 2012 was $5.7 billion, and the market will grow at a CAGR of 36 percent to reach $19.5 billion in 2016.”****
  • The number of APIs has grown to over 11,000, up from 9,000 as reported on April 30, 2013.
  • Overall app use in 2013 posted 115 percent year-over-year growth (Flurry Analytics).

*Predictions 2014: Identity And Access Management, Forrester Research, Inc., January 7, 2014

**The Forrester Wave™: API Management Platforms, Q1 2013, Forrester Research, Inc., February 5, 2013

***Enterprise Mobility–It’s All About the Apps, TechInsights, November 2013

****Cloud Computing Overview Report 2013, 451 Research, Yulitza Peraza and Greg Zwakman, August 2013

About CA Technologies

CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. Learn more about CA Technologies at www.ca.com.

Follow CA Technologies

Twitter
Social Media Page
Press Releases

Legal Notices

Copyright © 2014 CA. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Dave McCarthy, Director of Products at Bsquare Corporation; Alan Williamson, Principal ...
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
DevOps and microservices are permeating software engineering teams broadly, whether these teams are in pure software shops but happen to run a business, such Uber and Airbnb, or in companies that rely heavily on software to run more traditional business, such as financial firms or high-end manufacturers. Microservices and DevOps have created software development and therefore business speed and agility benefits, but they have also created problems; specifically, they have created software securi...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
"There is a huge interest in Kubernetes. People are now starting to use Kubernetes and implement it," stated Sebastian Scheele, co-founder of Loodse, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Providing secure, mobile access to sensitive data sets is a critical element in realizing the full potential of cloud computing. However, large data caches remain inaccessible to edge devices for reasons of security, size, format or limited viewing capabilities. Medical imaging, computer aided design and seismic interpretation are just a few examples of industries facing this challenge. Rather than fighting for incremental gains by pulling these datasets to edge devices, we need to embrace the i...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walked through how Octob...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
"We're bringing out a new application monitoring system to the DevOps space. It manages large enterprise applications that are distributed throughout a node in many enterprises and we manage them as one collective," explained Kevin Barnes, President of eCube Systems, in this SYS-CON.tv interview at DevOps at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.