Mocana TrustCenter Enhances Enterprise Security with TPMs and Certificate-Based Protection for Windows and Linux User Workstations | #linux | #linuxsecurity


SAN JOSE, Calif., July 20, 2021 (GLOBE NEWSWIRE) — Mocana has extended its TrustCenter cyber protection platform from operational technology (OT), IoT, and industrial IoT (IIoT) devices to workstations and servers in enterprise IT ecosystems. TrustCenter enables enterprises to protect Windows 10 and 11, Linux and macOS workstations from sophisticated cyberattacks that exploit password-based authentication with compromised credentials.

TrustCenter in conjunction with multi-platform Mocana TrustEdge endpoint agents strengthens device identification with original equipment manufacturers and device owner/operator-issued identifiers. The cybersecurity solution provides key protection with a TPM-based root of trust anchor, and certificate-based operations for signing, encryption, and mutual authentication. The provisioning workflow is simplified and secured so it can be performed by domain-authenticated users through a self-service portal or by IT service management using automation scripts.

“Behind every IT breach is a compromised password,” said Srinivas Kumar, chief technology and product officer at Mocana. “The Mocana TrustCenter platform for enterprise systems modernizes identification and authentication ceremonies beyond passwords.”

TrustCenter enables network operations center and security operations center operators to gain visibility and control of cryptographically protected credentials. While Fast Identity Online features the convenience of local authentication with biometric identity, TrustCenter provides a zero-trust platform with attestation, key protection, and certificate management for identity credentialing, trusted connectivity, and secure data sharing.

The Mocana security platform delivers on-device protection to complement incumbent network-based detection and prevention controls. Once protected cryptographic artifacts are deployed, cyberattacks orchestrated through web browsers or secure shell exploits can be mitigated. These attacks often target mission-critical systems and source code repositories to compromise technology supply chains.

“The cost-benefit analysis of automated key and certificate lifecycle management without the complexity of PKI infrastructure buildout is a compelling reason to optimize and transform services for the convergence of IT and OT networks,” said Tim McAllister, vice president of business development at Mocana. “Security gaps in build automation often rely on self-signed certificates and fail to renew expired certificates in a timely manner. In addition, negotiating authentication and encryption using weak algorithms poses high risks as evident from the sophisticated methods used in recent ransomware and supply chain cyberattacks.”

Mocana TrustCenter is a cost-effective foundational platform for implementing an enterprise zero-trust environment. It leverages automation of embedded trust in the devices and systems that solve for security throughout IT and OT networks and systems, and provides:

  • Simplified, secure provisioning and lifecycle management of keys and certificates integrated with a local root of trust and public or private certificate authorities.

  • Authoritative device identifiers and certificate-based authentication for asset management and tracking.

  • Secure device onboarding with protected keys and certificates for signing, encryption, mutual authentication, and attestation.

  • Standards-based protocols and interoperability with X.509v3 digital certificates.

  • APIs for cloud-based AI/ML and orchestration services to harvest device state and indicators of risk.

  • Supply chain tamper resistance with cryptographic enveloping for trusted content delivery (firmware, operating system, configuration, and line of business application updates) with a horizontal trust chain from developers through providers and publishers to the device.

  • Achievement of compliance objectives and risk-based standards, such as IEC, NIST, NERC-CIP, FCG, and FIPS.

About Mocana

Founded in 2002, Mocana Corporation develops packaged software solutions for commercial and defense sectors widely recognized as best-in-class in IIoT/OT security, protecting over 100 million devices globally. Mocana’s cryptographic engine is FIPS 140-3 Level 1 certified for various target operating environments. In addition, the Mocana TrustCore trust abstraction platform is extensible to a variety of secure elements, and its crypto abstraction platform provides extensibility for third-party crypto provider plugins to comply with export/import controls without reengineering applications. Learn more at mocana.com.

Mocana Contact:
Joel Don
Director of Marketing and Communications
joeldon@mocana.com



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

fifty seven − 48 =