PKI Blog

Chris Hickman

Chris Hickman
Find me on:

Recent Posts

How to Gain Guaranteed ROI with a Managed PKI

Posted by Chris Hickman on Mar 23, 2018 10:05:44 AM

What is a Managed PKI? - Your PKI, Our Management and Service
CMS Sapphire™ professionally managed Public Key Infrastructure (PKI) from Certified Security Solutions (CSS) allows you to maintain complete control over the use of your Root CA keys and PKI recovery materials while transferring day-to-day PKI management and oversight to experts.

Read More

Topics: ROI PKI, Managed PKI, managed public key infrastructure, Public Key Infrastructure

Where Does My Heartbleed Now?

Posted by Chris Hickman on Apr 15, 2014 6:00:29 AM

Vulnerabilities tend to morph over time. Upon initial identification, researchers, companies, and experts tend to rush to offer opinions, sometimes factual and sometimes less so.

Read More

Topics: Heartbleed, private key ssl, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, private keys, OpenSSL, Heartbleed vulnerability, private key, SSL certificate, Azure PKI, PKI, PKI as a Service (PKIaaS), heartbleed bug, SSL bug, private key heartbleed, Heartbleed android, Blog, private keys vulnerable

The Truth About PKI Managed Service Offerings

Posted by Chris Hickman on Jan 29, 2013 9:54:53 AM

Recently I was engaged with a customer who decided to source certificates from a service provider rather than build a PKI. In this case the customer was limited in resources and an evaluation of build vs. buy showed this to be the correct approach in the near term.

Read More

Topics: digital certificate, cert, Managed Service Offerings, certificate, IT Security, Microsoft Security Partner, Public Key Infrastructure, private key, certs, PKI, Blog, MSO, Got PKI?

Keys to Successful Smartcard Deployments

Posted by Chris Hickman on Jul 6, 2011 5:00:32 AM

With the recent sting of very public and highly publicized IT compromises, many IT security stake holders are re-evaluating their overall security strategy. It is inevitable that at some point in that evaluation, the idea of implementing multifactor authentication will be considered.

Read More

Topics: IT Security, Microsoft Security Partner, smartcard, Identity Management, Blog, smartcard lifecycle, two factor authentication

RSA SecurID and Lockheed Martin Breach

Posted by Chris Hickman on May 31, 2011 11:55:35 AM

CIOs, CSOs and IT Security personnel are confronted with the realization that the RSA SecurID breach may have impacts that extend well beyond RSA itself, and into its customer base. While the admission of a breach at RSA this past March is cause for alarm, the recent event at Lockheed Martin should also inspire action. It is widely reported that the breach on Lockheed Martin’s VPN was executed by spoofing RSA Secure ID tokens. The spoofing of those tokens likely involved at least some information gained as a result of the breach at RSA.

The reality of this recent attack clearly illustrates the need for organizations to constantly review IT security and make adjustments and changes to technology and policies as things change. Security is a process, not a point in time event to check off a to-do list. Whether you use RSA Secure ID or other technologies, user authentication should not be your only defense against unauthorized access to your network.

Read More

Topics: Lockheed Martin, IT Security, Microsoft Security Partner, digital pki, 2-factor authentication, Industry Trends, Microsoft Public Key Infrastructure, smartcards, RSA, Microsoft PKI, Blog, RSA Secure ID tokens, Got PKI?

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?