Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services

12 Things to Look for in a Managed PKI Solution, Part 4

Created: 24 Mar 2014 • Updated: 24 Mar 2014
MelanieLopez's picture
+1 1 Vote
Login to vote

This is the final part of a four-part series covering twelve fundamentals for choosing a managed PKI solution, and questions to ask in the buying process.


In part 3 of our PKI blog series, we identified several features that simplify administration of a managed PKI. This week, we address mobility. It is arguably the most popular use case that enterprises struggle with today. Organizations are tasked with integrating and supporting mobile devices into the corporate network as part of a BYOD strategy. While mobile devices increase productivity and provide new ways for workforces to collaborate, they also introduce unique security challenges that keep CISOs and Security departments awake at night. In response to these challenges, enterprise security teams are turning to PKI to address security within their mobile strategies.

12. Mobile Device Support

To start, IT needs a way to securely identify and authenticate the device on the network; via WiFi, VPN, or from within an application. This is primarily accomplished using a digital certificate issued to the user or device. The Symantec Managed PKI is the only platform on the market that provides out-of-the-box certificate enrollment to mobile devices either natively (iOS) or in conjunction with a PKI client (Android). Built-in workflows enable certificate registration and delivery of configuration settings for VPN, ActiveSync, and other application settings. Companies can choose to leverage a set of built-in options, or upload their own .mobileconfig file. While many organizations have already made an investment in an MDM solution, many have not, or require a simple solution to deploy certificates to mobile devices. Delivering the certificate and automatically configuring settings on the device ensures fewer helpdesk calls and a better end user experience.

In addition, Symantec Managed PKI has the ability to extend secure email capabilities by delivering an S/MIME certificate as part of the configuration sent to the device. If the user has an existing S/MIME certificate enrolled on their corporate laptop or desktop, it is automatically recovered so the user has the same publicly trusted S/MIME certificate on all of their devices. Symantec can automatically publish this certificate in the corporate directory so it can be leveraged by the organization.

These examples demonstrate how the Symantec Managed PKI is enabling the enterprise to securely leverage mobile devices through the use of a simple, yet powerful, workflow. No other Managed PKI in the market today offers such a broad range of out-of-the-box workflows and capabilities associated with Mobile devices. However, for organizations that have an MDM, Symantec Managed PKI integrates with leading solutions from Symantec, AirWatch, MobileIron, and more.

Known as App Center, Symantec’s Mobility Management Suite extends additional security to mobile devices and information they contain. App Center provides an organization with comprehensive MDM controls and goes beyond these traditional measures to offer Mobile Application Management (MAM) and Mobile Information Management (MIM) all from a single management console in an on-premise or SaaS deployment model. Look to hear more about this powerful mobile suite in upcoming posts.

Questions to Ask

As a quick recap, here are a few things to remember when looking for a managed PKI to bolster mobile security.

  1. Does it offer simple built-in workflows to enable mobile device configuration?
  2. Does it offer documented and tested integrations with leading MDM providers?
  3. Does it support the delivery and management of multiple certificates types on a device?
  4. Does it offer advanced S/MIME capabilities?