Paris, 18 May 2012: Bee Ware adds a solution for recognition of mobile applications to its i-Suite range, ensuring protection and authentication for access to companies’ IT systems.
The facts are simple: The increasing number of mobile terminals (smartphones, tablets, etc.), combined with the growing number of applications for mobile platforms, is creating new problems for individuals and companies who want to protect their sensitive data.
The ever-growing BYOD (Bring Your Own Device) trend raises the issue of securing company data, and therefore of access to the company’s IT system by mobile applications. The problems are the same for an individual who wants to be able to access his or her bank accounts at any time: How can the company or bank be protected against these new accesses to the core of its IT system while ensuring continuity of service?
Each mobile terminal contains an increasing amount of information – personal contacts, credit-card numbers, personal and business e-mail, etc. Compromising one of these terminals can enable hackers to mount a bounce attack on the application infrastructure of its owner’s bank or company. A mobile Web application can then become a poorly protected entryway into the core of an IT system. Mainly based on the HTTP protocol, data exchanges between mobile applications and server applications often escape security teams’ vigilance, since the nature of the data being exchanged remains opaque and non-standardized…
As of today there are very few ways of verifying that data received by (or transiting) the mobile platform is in conformity with what is expected. If we take the example of the XML IT language, the SOAP protocol (which enables sending of messages between remote objects) validates and verifies data exchanged via standardized mechanisms. However, with mobile platforms, SOAP implementations entail significant risk, since their rapid development takes precedence over the risks the mobile platform may be vulnerable to.
The example of applications using the HTML5 data format (designed for presenting Web pages) is no more reassuring. They are subject to the same problems as the XML language, but are also vulnerable to classic Web attacks that can result in theft of session information (login, password) or redirection towards offensive content.
Matthieu Estrade, Technical Director of Bee Ware and a specialist in IT security, warns users: “Server applications specifically developed to meet mobility needs (or simply adapted retroactively) are subject to a lack of standardization of the data being exchanged. The major risk is that these applications are direct tunnels between the mobile application and the core of the companies’ IT system (databases, directories, Web services, etc.)”
To compensate for these faults in application security, Bee Ware has developed the i-Suite platform. i-Suite can extend an optimum level of security to Web applications that exchange data with mobile applications, thus ensuring reinforced security in validating the data being exchanged.
Made up of selected functional packages, i-Suite, thanks to its application firewall, provides control of XML and JSON messages, enabling granular inspection of the data being exchanged as well as control of their format.
Olivier Arous, Director, Marketing and Business Development at Bee Ware, says: “With the arrival of new working tools, the incidence of security breaches is growing rapidly (+93% in 2011 according to the Symantec report). We felt it was vital to respond quickly and offer our customers a simple, easy-to-implement solution for protecting their companies. The strength of our platform is that it offers, within a single solution, an application firewall, access control that is directly transposable to mobile applications, tools for traffic monitoring, and an XML firewall that analyzes the messages used by the Web Services in depth.”
Administration is simplified thanks to 100% graphical, wizard-assisted management of configurations and security policies, enabling centralized management of all functionalities. The i-Suite platform provides its users with optimum continuity of service while considerably reducing risks of data theft.
About Bee Ware:
Bee Ware, a European provider of solutions for security and availability of Web applications, provides organizations of all sizes with the means to fight the growing threats that can impact their activity while ensuring optimum quality of service and performance.
Within a single solution, Bee Ware’s i-Suite provides an application firewall (WAF), access control (WAM), tools for auditing and traffic monitoring, XML Web Services, and centralized management, significantly reducing deployment costs. i-Suite adapts to all types of infrastructures thanks to a complete offer including appliances, virtual machines, or Software-as-a-Service solutions.
Founded in 2002, Bee Ware is present today in Europe in industry, healthcare, finance, and public services.