PKI Blog

What is a Next-Gen PKI?

Posted by CSS Technical Team on Oct 5, 2018 9:48:16 AM

With cyber crime damage costs estimated to hit $6 trillion annually by 2021, there’s no doubt that cybersecurity continues to be one of the top concerns for IT departments in every industry. They’re constantly in search of more robust capabilities beyond what’s always been used. As cybersecurity has evolved, so have public key infrastructure (PKI) solutions. We’re now entering a new era of PKI that's focused on the long-term sustainability of certificates and devices across the enterprise.

Read More

Topics: Crypto-agility, next-gen PKI, Public Key Infrastructure (PKI)

Switching to the Right Digital Certificate Management Platform

Posted by Anthony Ricci on Aug 17, 2018 1:15:41 PM

Public Key Infrastructure (PKI) supports digital certificates and their associated keys to verify the identity of users and devices to other users, devices and applications. As such, PKI is paramount to network and Internet security because sensitive communications must verify the party they’re communicating with. Many organizations manage the process in-house, but day-to-day distractions and lax governance can make that a dangerous model.

Read More

Topics: digital certificate management, certificate management fees, PKI management costs

DevOps: How to Securely Spin Up Containers using CMS, Puppet, and Ansible

Posted by Jake Adkins on Aug 13, 2018 4:05:25 PM

There are many benefits to the automation of container deployment, but these benefits do not come without their complications. The DevOps efforts have made hard coding credentials into cloud-init scripts common practice, but this poses major security risks. Moreover, what if you need to get a certificate on to one of these instances? Do you save it into an image or configuration file? This poses even greater risk, as an adversary now has access to an exportable private key. Using tools like Puppet or Ansible conjointly with our Certificate Management System (CMS) platform, we can mitigate these risks and request the certificate uniquely for the container or virtual machine at the time of its creation. This post will demonstrate this concept in the context of Microsoft Azure VMs.

Read More

Topics: DevOps, Certificate Management System (CMS), Puppet, Ansible

How to Manage Application Certificates with Docker

Posted by Rex Wheeler on Aug 13, 2018 3:42:07 PM

Clients commonly ask us how to use our PKI and digital certificate operations management platform, CMS, to manage application certificates in a DevOps environment. They are “containerizing” their applications with Docker and want to manage certificates within Docker containers.

Read More

Topics: DevOps, Docker Containers, manage application certificates, Infrastructure as Code (IaC)

Enterprise IT Scenarios Demanding Crypto-Agility

Posted by CSS Technical Team on Aug 6, 2018 3:20:50 PM

 In an evolving cyber security landscape, defenses must continually evolve. Static systems are not only inherently insecure, they are less so with each passing day. This principle applies to cryptography as much as to other types of cyber-defenses. And with the advent of quantum computing, most analysts agree that common cryptographic algorithms will eventually become ineffective. The scale of the potential threat is immense — for nearly all the hardware and software we use in both traditional IT environments and burgeoning Internet of Things (IoT) ecosystems.

Read More

Topics: Crypto-agility, quantum computing, Cryptography, digital identity

5 Risks of Gambling With a Wild Certificate Count and PKI

Posted by CSS Technical Team on Jun 4, 2018 3:42:44 PM

Gambling means being prepared to lose everything. When working with an out of control, unmanaged digital certificate count and public key infrastructure (PKI), the risks of facing issues with financial and productivity losses are extremely high. Are you prepared to gamble with some of your most valuable IT assets? Let's explore five common unmanaged certificate and PKI related scenarios, their financial implications and how to prevent them from occurring in your enterprise.

Read More

Topics: Digital Identity Management, digital certificates, ROI public key infrastructure

How to Regain Control of Compromised IoT Device Certificates

Posted by JD Kilgallin on Apr 25, 2018 3:19:42 PM

Imagine a world with no access controls. A free for all resulting in chaos thanks to broken processes, zero audit trails, and no way to administer rights to the appropriate devices or people. Luckily, today’s IoT driven world is layered with access controls designed to streamline and simplify alongside of prioritizing the most important aspect - security.

With CMS VerdeTTo and the VerdeTTo Access Valve for ThingWorx, devices can be constrained to only access systems under certain conditions, such as connecting from certain known locations or during certain expected operating hours. VerdeTTo also allows devices with compromised certificates to quickly be disabled, preventing them from accessing network resources and systems.

Just one click changes a metadata value for the compromised certificates through the VerdeTTo portal, while the VerdeTTo Access Valve immediately terminates the device’s access to the ThingWorx platform. But once a device is compromised (especially if a broad range of devices are compromised) how do you securely bring everything back online?

Read More

Topics: Cryptography, PKI, Internet of Things (IoT), IoT, LiveWorx, Public Key Infrastructure

The Right Way to Find and Protect Code Signing Certificates

Posted by CSS Technical Team on Apr 6, 2018 11:33:57 AM

The demand for trust in today's uber-connected digital society is unprecedented. Consumers of software require guaranteed proof that the application they are using is legitimate. Secure code signing validates the author of the software and proves that the code has not been altered or tampered with after it was signed. Trusted code signing certificates are used to verify authenticity, but what is preserving the integrity of those certificates?

Read More

Topics: secure code signing, Public Key Infrastructure (PKI), find code signing certificates, weakening cryptography, Crypto-agility, the right way to protect code signing certificates

7 Beneficial Features You’re Missing Without a Certificate Lifecycle & PKI Operations Platform

Posted by Sami Van Vliet on Mar 30, 2018 2:40:07 PM

Overwhelmed by manual Public Key Infrastructure (PKI) & certificate management processes? Burdened with worry of rogue certificates or certificate-related outages? Worried you've lost all control of your PKI? Stop losing and start gaining control by actualizing the features and benefits not available when manually managing your digital certificates and PKI.

Read More

Topics: efficient certificate management, PKI management, expired digital certificates

How to Gain Guaranteed ROI with a Managed PKI

Posted by Chris Hickman on Mar 23, 2018 10:05:44 AM

What is a Managed PKI? - Your PKI, Our Management and Service
CMS Sapphire™ professionally managed Public Key Infrastructure (PKI) from Certified Security Solutions (CSS) allows you to maintain complete control over the use of your Root CA keys and PKI recovery materials while transferring day-to-day PKI management and oversight to experts.

Read More

Topics: ROI PKI, Managed PKI, managed public key infrastructure, Public Key Infrastructure

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?