Cortado Corporate Server is based on a three-tier security concept. The solution provides maximum security on the device during data transfer and when accessing the backend. The most important components are complete Active Directory integration, comprehensive data encryption, and the focus on only one access pointfor mobile device management, file sharing and Microsoft Exchange. Complemented by wide-ranging auditing, the solution itself meets the highest security and compliance requirements.
Cortado Corporate Server creates a native container for iOS devices, even including the native mail app which users prefer and know how to use. It builds upon this container by adding secure file access and sharing as well as providing a secure web browser. Mobile Device and Application Management using Cortado Corporate Server with Apple devices guarantee the highest levels of security for enterprises of any size.
Thanks to Active Directory integration, all existing user rights on the corporate network, including those for remote access, are carried over via Cortado Corporate Server – with the option to further limit these for individual users or user groups. Since all actions are performed in the user context, the compatibility with associated applications, and tracking and auditing systems is assured.
All of Cortado Corporate Server’s external communication takes place over a single port. Both mobile device management and corporate access are via just one port. Consequently, Cortado Corporate Server functions as a relay center for all corporate resources. Only after verifying the user rights does Cortado Corporate Server forward requests from mobile devices to the connected systems like the file system, Microsoft Exchange or the intranet.
Cortado Corporate Server is based on the principle of openness. Instead of blocking certain actions – which, experience shows, leads to users looking for unsecure workarounds to achieve their intended aims – all user activities are recorded in a detailed auditing log. This allows employees to act flexibly, while the IT administration can follow all actions and intervene in case of misconduct.
Although Cortado Corporate Server is generally based on the principle of openness, there are some essential requirements to ensure enterprise security and compliance. That’s why administrators can define user actions like a jailbreak, deletion of the MDM profile, or the installation of a blacklisted app which lead to automatic blocking of corporate network and Exchange e-mail access.
In order to ensure that IT stays on track of all MDM commands, the management console gives an overview of all successful, outstanding and failed commands. If necessary, a list of devices with incorrectly executed MDM commands can be displayed.
The HTML5 client enables secure, fast access to the corporate network using a web browser. But not all companies want to universally offer this. Using the Management Console, this option can be disabled for individuals or groups. This allows you for example, to block automatic uploading and downloading of files or sending them via e-mail. If necessary, the HTML5 version can be completely disabled for all users.
A significant security risk is posed by saving corporate data on the mobile device. Important information can quickly fall into the wrong hands if a device is lost or stolen. Cortado Corporate Server minimizes this risk. Anytime-anywhere access to the corporate network makes local "stockpiling" of files unnecessary. Many functions – such as printing, and forwarding files via e-mail – are carried out server-side on the backend. No download is even necessary to view a file, instead a data-optimized preview of the original is displayed on the device.
The loss of a device requires an immediate response in order to safeguard corporate data from unauthorized access. Despite all precautions taken, storing data locally on the device can never be completely prevented. Here is where the User Self Service Portal helps. It is accessible to authorized users with any internet browser and makes it possible to locate lost devices using the locating function, without having to first contact an admin. If that doesn't succeed, data can be deleted using remote wipe or the device can be locked with remote lock.
The separation of business and personal data is a crucial security factor, especially when personal devices are used in the company. This separation enables not only special security measures like password protection and local encryption of corporate data, but also the ability to partially delete the data remotely – an important function when a device is lost or when an employee quits or retires.
An extra secure browser is available for accessing websites and web applications on the intranet securely while mobile. It doesn’t directly access the intranet, but routes through a secure path via Cortado Corporate Server. This method ensures both user authentication and data security.