Technical Blog

Infographic: 2016 PKI and IoT Security Predictions

Posted by CSS Technical Team on Aug 1, 2016 3:59:21 PM

In 2016 digital identity cyber crimes have grown exponentially. As businesses continue to brace against cyber adversaries and look to secure the Internet of Things (IoT), Public Key Infrastructure (PKI) is continuing to prove that it is an economical and reliable technology that delivers a secure and high-performance solution. Check out the infographic then the full blog to learn more about why each prediction was made and what it means to your business.

Read More

Topics: digital certificates, PKI, Public Key Infrastructure (PKI), Cyber Security

Who’s Tracking Who, Pikachu?

Posted by Will Clements on Jul 14, 2016 2:32:31 PM

The newly released Pokemon Go by Niantic for mobile devices is all the craze right now. With over 15 million downloads, and 1.6M in daily revenue in the US alone, it has become the most downloaded app of all time. To summarize, the application uses your GPS location to put Pokemon in the world for you to catch, and it places locations in the world to battle your Pokemon or collect items. It’s very much like Geocaching with virtual monsters.

Read More

Topics: Pokemon Go, Pokemon Go security, pokemon go privacy, Pokemon Go location tracking

Infographic: Digital Certificates and Cyber Security Stats

Posted by CSS Technical Team on Jun 21, 2016 3:39:55 PM

In 2016 CSS Research surveyed information security professionals on their current and anticipated digital certificate usage related to enterprise and Internet of Things (IoT) use cases. This infographic outlines key findings from the survey proving the importance of proper Public Key Infrastructure (PKI) and digital certificate usage and management in the fight against cyber crime.

Read More

Topics: digital certificates, PKI, Public Key Infrastructure (PKI), Cyber Security

The Risks of Cryptographic Anarchy

Posted by Wayne Harris on Jun 15, 2016 11:46:34 AM

Why are we talking about assurance?

‘Assurance’ in the realm of PKI, tends to be one of those topics that is almost guaranteed to send a PKI design meeting down a rabbit hole. And unfortunately, many customers prefer the blue pill, rather than committing to an effort commensurate with a rigorous examination of risk, impact and assurance in the certificate space.

Read More

Topics: PKI, Internet of Things, IoT, PKI CA, IoT Security, PKI for IoT

SAP's "The importance of client certificates in IoT"

Posted by Ted Shorter on Jun 9, 2016 1:56:24 PM

Jay Thoden van Velzen from SAP recently published a very interesting blog describing the use of certificate metadata as a mechanism to enhance IoT authentication.  We wholeheartedly agree with the approach.  CSS’ VerdeTTo solution is based on a similar concept, and allows us to leverage the massive scalability and certificate metadata capabilities of our CMS PKI operations management platform to transform certificates and metadata into device identities, attributes, and authenticators.

Read More

Topics: IoT, Internet of Things (IoT), SAP

Let’s Get Physical – Securing Your Enterprise’s Root Certificate Authority

Posted by Max Szaniawski on Jun 1, 2016 10:20:24 AM

Having the privilege to work with some of the best, if not the best PKI and security professionals in the field, I have learned the extreme importance of the practices used in securing the root certification authority (CA) platform. This includes software level security, hardware level security, and physical security.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Securing a root CA, Root CA Security

The Importance of Managing Digital Identities

Posted by CSS Technical Team on May 11, 2016 9:22:58 AM

Digital identity management (DIM) is the process for managing and securing digital identities through authentication, encryption, and signing. The end goal is to protect your organization’s reputation by preventing breach and/or downtime by accurately authenticating and authorizing an endpoint, transaction, or data. In essence solid digital identity management always comes back to the security of the same things: people, data, devices and applications.

Read More

Topics: digital certificates, digital identity, multifactor authentication, data breach

IoT Security Concerns in the World of Healthcare Devices

Posted by CSS Technical Team on Apr 26, 2016 11:25:11 AM

Healthcare Devices: Then and Now

Healthcare devices through the ages: what was once a cumbersome trip to the doctor for testing, followed by a series of manual documentation steps, is now a convenient, internet-connected wearable device that automates the transmission of patient information. Implanted devices are only one of many different wearable devices out on the market today. The majority of wearable healthcare devices connect to an internet or cloud-based system that allows users to interact with those devices while transmitting information to be used for actionable medical insight.

Read More

Topics: Internet of Things (IoT), IoT Healthcare, Healthcare, Wearables Security

Establishing A Private OID

Posted by John Redding on Apr 15, 2016 10:51:18 AM

As a Public Key Infrastructure (PKI) best practice, Certificate Policies are associated with a PKI by reserving and incorporating unique object identifiers (OID) into all or portions of your PKI.  OIDs are used to assign one or more Certificate Policies to a given CA.

Read More

Topics: PKI, Public Key Infrastructure (PKI), PKI OID, PKI Object Identifiers

Safely Adding SAN Information to a Certificate Request

Posted by Wayne Harris on Apr 6, 2016 9:46:39 AM

This blog is a continuation in a series of blogs, relating to the perils of adding Subject Alternate Name (SAN) information to a certificate signing request (CSR).

Read More

Topics: certificate management, Certificate SAN

Posts by Topic

see all

Want to Learn more about CSS?