mobile security in public safety - columbitech.com · 2013-11-15 · mobile security in public...
TRANSCRIPT
Mobile Security in Public SafetyColumbitech Mobile VPN – CJIS-compliant mobile access for smartphones and tablets
Mobile Security in Public SafetyColumbitech Mobile VPN – CJIS-compliant mobile access for smartphones and tablets
behind the firewall–regardless of what device or network they are using. In addition to keeping data secure, Columbitech Mobile VPN improves the performance and reliability of the wireless connection. All features listed are included out of the box.
FIPS 140-2 validated• Uses FIPS 140-2 validated end-to-end AES
encryption.
• The implementation of the cryptographic module has been validated by NIST to ensure best practice and compliance (certificate #307).
Support for advanced authentication• CJIS-compliant two-factor authentication out
of the box.
• A patent-pending split certificate solution uses QR codes to store a piece of the certificate on e.g. a badge, eliminating the need for a Radius server, hardware tokens and 3rd party solutions.
• Supports X.509 client certificates, user-based PKI, one-time passwords (OTPs), PKI smartcards, biometric systems, and software and hardware tokens.
Thanks to powerful smartphones and tablets, first responders are no longer tethered to their vehicles to access criminal history, vehicle registration records and dispatch information. Mobile technologies put mission-critical information at their finger tips, helping them to fight crimes and save lives while staying safe and alert.
Potential but more riskHowever, these new technologies expose the information systems to new security threats. The FBI Criminal Justice Information Services Policy and the Health Insurance Portability and Accountability Act (HIPAA) address these threats and call for the use of FIPS 140-2-validated encryption for wirelessly transmitted data and advanced two-factor authentication.
Public safety agencies are facing the challenge of securing a diverse range of computing devices with an increased pressure to support the bring-your-own-device trend.
Columbitech Mobile VPN OverviewColumbitech Mobile VPN is a software-based mobile virtual private network that securely connects mobile users to applications and data residing
* The Columbitech FIPS 140-2
certificate can be found on the
NIST website under certificate
number #307.
911 calls
Warrants
Vehicle registration
Driver’s license information
Surveillance cameras
Streaming video
Fire hydrants maps
Hazmat maps
Multi-platform support• Provides multi-platform support, including
Android, Apple iOS and OS X, Linux and Windows as well as embedded systems (M2M).
• Enables cost-savings by maintaining use of all devices until EOL.
• Allows organizations to securely implement BYOD initiatives.
Network agnostic• Protects any type of wired or wireless
connection.
• Seamlessly roams among Ethernet, dial-up, cellular, Wi-Fi and satellite links.
Advanced mobility features• Provides a persistent connection between the
mobile device and the application server as users roam or temporarily lose coverage.
• Automatically restores the connection with no need for users to reauthenticate or restart applications and no data is lost.
• Adaptive data compression provides up to 100 percent faster throughput compared to SSL and IPSec VPNs.
• Is based on the DTLS protocol, which provides optimized performance for applications using voice and video.
Software-only solution
• The client software is installed on each device and is completely transparent to the user.
• The VPN server supports virtualization and does not require any additional hardware.
• The VPN server can be installed on the customer’s premises but is also available as a cloud-based service.
Network access control• NAC ensures that the organization’s IT policy is
enforced and that connecting devices comply with the security requirements.
• Scans connecting devices for antivirus and firewall software, operating system version, and other required applications before they can access the network resources.
Policy management• Allows IT administrators to create policies to
manage users’ access rights to the network.
• Enables control of cost as well as quality of service to ensure the performance and availability of mission critical applications.
Mobile devices using Android or iOS are configured by simply scanning a QR code. This oode provides access to the Columbitech demo server.
• Assigns basic block, allow, disconnect or pass-through based on network speed, network name, IP address and time of day.
Scalability• The solution is highly scalable with capability to
handle up to 5,000 concurrent users per VPN server and as many as 255 VPN servers can be clustered in one server group.
• An optional gatekeeper strengthens the protection and handles load balancing and failover.
SDK for app integration• A software development kit enables seamless
integration of Columbitech Mobile VPN mobility and security features into any application running on Android, Apple iOS and Windows Phone 8. Also OS X, Windows and Linux are supported.
Easy setup and maintenance • Easy to setup–install in a few hours.
• Reduces the maintenance cost by leveraging existing tools for deployment such as Microsoft Windows Installer and other MDM solutions.
• Rapid configuration by scanning a QR code.
• Built-in support for version updates and distribution of security credentials such as digital certificates.
Reporting and compliance tracking• A reporting tool based on the Microsoft
Management Console (MMC) tracks all network access attempts.
• Reports can be generated for one or multiple servers as well as for individual users to analyze performance or track compliance.
Single-user licensing • Columbitech Mobile VPN is offered as a single-
user pricing structure.
• No brackets to purchase, buy only what you need and pay maintenance on what you use.
• Supports multiple devices per user.
©2013 Columbitech, Inc. All rights reserved.
Columbitech, Inc. | New York | Stockholm
T: +1 866-855-1874 | [email protected] | www.columbitech.com
About Columbitech
Columbitech protects the entire workforce with one FIPS-validated
VPN solution. With more than two million users, customers include
three of the top 10 U.S. retailers, public safety agencies, telecom
providers and U.S. military branches. Columbitech is privately held,
with offices in Stockholm and New York. Visit www.columbitech.com
for more information.
TECHNICAL SPECIFICATIONCLIENT SUPPORT
Apple iOS 5.0 and up
Apple Mac OS Snow Leopard 10.6 and up
Android 4.0 and up
Android 2.2/2.3 (rooted)
Windows XP/Vista/7/8
Windows Mobile 2002/2003/5.x/6.x
Windows CE 3.x/4.x/5.x
MS-DOS and DR-DOS
Embedded systems
For any other platforms, the Columbitech embedded SDK can be
used to create a custom VPN client.
SERVER SUPPORT
Windows 2003/2008/2012
Linux (kernel 2.6.8 or higher)
NETWORKS
Ethernet (fixed)
Wi-Fi (private and public)
Mesh networks
Cellular networks (WiMAX, 2G, 3G, and 4G)
Dial-up
Satellite
Mobile Security in Public SafetyColumbitech Mobile VPN – CJIS-compliant mobile access for smartphones and tablets
ENCRYPTION
Up to 256-bit AES encryption (FIPS 140-2 validated)
Supports secure hash algorithms SHA-1 (SHA-160) and
SHA-2 (SHA-256, SHA-384 and SHA-512)
AUTHENTICATION
Client certificates (PKI x.509)
Windows Active Directory
Common access cards
Smart cards
Biometrics
Radius
Google authenticator
OTP (e.g. SMS, RSA SecurID, Yubico,
Verizon Universal Identity Services (UIS)