PKI Blog

“CAN YOU KEEP A SECRET?” KEEPING YOUR IOT DEVICES SAFE AND SECURE–CRYPTOGRAPHY 101

Posted by Anthony Ricci on Sep 13, 2017 10:35:59 AM

Why do I care about cryptography as an IoT architect? What is the deal with cryptography? Why does cryptography matter in the IoT world?

 

Currently, it is estimated that there are about 8.4 billion devices online.  Within the next 3 years, the number will be over 20.4 billion devices.  As more connected devices are deployed, there becomes a greater need to control and manage the identity of those devices. There is also a need to protect the devices “data at rest” and “data that is transmitted.” Cryptography gives us a way to do that with high assurance and reliability.

 

Continue Reading

Read More

Topics: Public Key Infrastructure, PKI, IoT, Internet of Things (IoT), LiveWorx, Cryptography

Google vs. Symantec: Increasing Your SSL Certificate Visibility

Posted by CSS Technical Team on Sep 7, 2017 11:40:56 AM

Symantec SSL Customers, do you know where your certificates are located?

In March, Google announced they discovered a problem with Symantec issued SSL certificates. Google identified roughly 30,000 SSL certificates that violated industry standards defined within the CA/B forum baseline requirements.  After the discovery, Google and Symantec solidified an agreement which will affect new and existing Symantec customers moving forward.  The original deadline for reissuing affected Symantec/GeoTrust/Thawte certificates was pushed back from August 2017 to April 2018.

Read More

Topics: SSL certificates, Symantec, DigiCert, Digital Identity Management, GeoTrust, Thawte

“HEY THERE, IT’S ME” – Understanding the Importance of IoT Device Identity

Posted by Anthony Ricci on Aug 16, 2017 11:26:40 AM

Do you remember the movie E.T, where E.T is essentially stranded on Earth until he assembles a makeshift communication device which sends a message to his spaceship to return to earth to retrieve him?

Read More

Topics: Internet of Things, IoT, IoT Identity Management, LiveWorx

Simplifying the Microsoft Policy Module with CMS Enterprise

Posted by Sami Van Vliet on Aug 15, 2017 12:46:02 PM

CMS Enterprise now provides exclusive, real time policy control at the Certificate Authority (CA), providing the most comprehensive security compliance for certificate issuance available today.

The CMS Custom Policy Modules intercept the certificate requests and can then perform important security-enhancing actions such as:

  • Allowing only certain IP addresses to request certificates. Preventing a user with access to the CA itself from being able to request a certificate outside of the approved CMS Enrollment process.
  • Using the CSS-patented VSCEP™ technology, CMS secures on-device key generation during certificate enrollment for iOS and Mac devices, without the use of client-side agents.
Read More

Topics: digital certificate management, X.509 digital certificates, Digital Identity Management, Microsoft Policy Module, PKI management

You have choices in certificate and PKI management – Why CSS?

Posted by Tom Klein on Aug 10, 2017 3:41:43 PM

The quandary in buying a solution to any business problem is am I making the best choice and will our company derive value from that selection?

In representing a variety of solutions to customers over more than 35 years, I have found a few consistent characteristics of customers that have been happy with their decision.

Read More

Topics: PKI, Public Key Infrastructure (PKI)

IoT Security Regulation: Coming Soon?

Posted by Ted Shorter on Aug 7, 2017 3:34:16 PM

Last week, a bipartisan group from the US Senate Cybersecurity Caucus proposed a new piece of legislation called the “Internet of Things Cybersecurity Improvement Act of 2017.”  While the bill has yet to be ratified, it places more intense focus on securing the billions of devices that will be given network and internet connectivity over the next few years. 

Read More

Topics: Internet of Things, Internet of Things (IoT), IoT Security, IoT legislation

How I Lost Control of My PKI

Posted by Ex-PKI Guy on Jun 27, 2017 9:24:02 AM

My alarm signals like an acoustic guitar. I really need to change that sound – it’s starting to get on my nerves. A quick email scan before I begin my morning routine. Justin was finally able to get the domain joined machines in the correct group policy – nice. Next email, a support ticket stating access to the vacation request system was denied. Probably just another user error, I’d get to it later on.

Read More

Topics: Public Key Infrastructure, PKI

The Real Cost of an Expired Digital Certificate

Posted by CSS Technical Team on Jun 22, 2017 1:03:04 PM

The average global 5,000 company spends about $15 million to recover from a certificate outage. These estimates are based on a Ponemon survey of about 2,400 global respondents which include remediation costs, loss of productivity, lost revenues, and brand image damage.

Read More

Topics: digital certificate, Public Key Infrastructure, PKI, Digital Identity Management, Unplanned Outages

Reflections on the 2017 Thales Data Threat Report

Posted by CSS Technical Team on Jun 2, 2017 1:40:54 PM
Trends in Encryption and Data Security Include Major Implications for the IoT

Key Trends of the 2017 Thales Data Threat Report

The Global Edition of the 2017 Thales Data Threat Report featured a number of trends in the data set which are noteworthy for enterprises invested in the IoT, as well as cloud security. The 2017 report is based on a survey of over 1,100 security executives across the globe, and emphasizes the security impacts of advanced technologies, including cloud, big data, IoT, and containers.

Read More

Topics: Thales e-Security, Encryption, IoT Security, Data Security

Layering Certificate-based Authentication Security onto ThingWorx IoT Platform

Posted by CSS Technical Team on May 19, 2017 1:59:29 PM

Congratulations, you’ve chosen ThingWorx to launch and manage your IoT devices, applications and data. Your goals are clear, your code has been tested and the connections are ready to engage. Unfortunately, you’ve forgotten a critical component that will sadly cause your entire project to fail.

Added layers of security, specifically unique device key authentication.

Read More

Topics: IoT, Internet of Things (IoT), PKI for IoT, Cyber Security, ThingWorx

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?