PKI Blog

Authentication in an Ultra-Connected World: Internet of Things

Posted by Ted Shorter on Oct 1, 2015 6:05:00 AM

As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates landed primarily on what I’d describe as “traditional” IT infrastructure – servers, desktops, laptops, smart cards, RADIUS servers, or VPN concentrators. But since then, things have gotten much more interesting. Handheld scanners. Surgical robots. VOIP phones. Set-top boxes. Cable modems. Even heart monitors and IV pumps.

Read More

Topics: install certificates onto devices, digital certificates, cert, embedded systems, certificate, Microsoft Security Partner, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, Microsoft Public Key Infrastructure, Cisco Internet of Things, embedded certificates, embedded devices, Microsoft PKI, X.509 digital certificates, Internet of Things, IoT, Blog, Internet of Things (IoT), certificate install, BYOD, PKI Assurance

AirWatch & CSS - Partnership Featuring Certificate Management System

Posted by Sarah Hance on Sep 24, 2013 11:58:24 AM

Cleveland, OH - September 24, 2013 - Certified Security Solutions' Certificate Management System (CMS) is featured in the AirWatch Marketplace as a fully integrated mobile certificate solution. Developed to give AirWatch customers and partners a centralized location to identify technologies that complement their investments in AirWatch and additional mobile avenues, the AirWatch Marketplace is reserved for top solution providers with proven integration benefits.

Read More

Topics: digital certificate, digital pki, Public Key Infrastructure, issue mobile certificate, AirWatch, PKI, cert management, Microsoft PKI, mobile certificate, certificate management, Internet of Things, expired certificate, AirWatch marketplace, Press Releases, BYOD

1024-bit RSAs Days are Numbered

Posted by Ted Shorter on Jul 9, 2013 6:49:48 AM

In December of 2011, the CA/Browser Forum, comprised of representatives from the major Certification Authorities such as Symantec, Comodo, GoDaddy, and DigiCert, as well as browser vendors such as Microsoft, Apple, Mozilla, and Opera, published a document called "Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates.” This document outlines an agreed-upon set of minimum standards for SSL/TLS cert vendors.

One of these standards essentially calls of the elimination of certificates with 1024-bit RSA public keys by the end of 2013: any RSA-keyed certificate, even end-entity (“subscriber”) certificates, that expire after Dec. 31, 2013, must have a key of at least 2048-bits. This is big news in some circles; a number of public cert vendors have had to change their procedures, and, more significantly, start migrating their customer bases to 2048-bit certs. Many started this process quite a while ago.

Read More

Topics: digital certificate, RSA cert length, apple, Symantec, Public Key Infrastructure, Comodo, certificate 2013, RSA certificate length, Industry Trends, DigiCert, SSL certificate, 1024-bit RSA, PKI, TLS cert, Microsoft PKI, digital certificate length, Blog, 1024 certificate length, cert length 2013, GoDaddy, Mozilla

Writing Event Plugin Handlers for the Certificate Management System (CMS)

Posted by Gary Galehouse on Jul 25, 2012 5:15:44 AM

The Certificate Management System (CMS), formerly known as the Certificate Reporting Tool (CRT), as referenced below, provides reporting and notification capabilities to an existing Public Key Infrastructure (PKI). The reports and notifications are highly customizable for content, timing, and audience. In addition, custom ‘event plugin handlers’ can be created and registered to perform any desired functionality when predefined events occur. Two types of CRT events are exposed:

Read More

Topics: digital certificate, iPhone, IT Security, Microsoft Security Partner, digital pki, Certificate Reporting Tool, Public Key Infrastructure, Event Plugin Handlers, Microsoft Public Key Infrastructure, iPad, Microsoft PKI, iOS management certificates, mobile certificate, iOS, Blog, Plugin Handlers, Got PKI?

Got PKI? CSS at RSA

Posted by CSS Marketing on Mar 15, 2012 6:39:29 AM

Certified Security Solutions sent a team to the 2012 RSA Security Conference in San Francisco where one of the underlying themes was mobile security. Located in the Microsoft Pavilion, team CSS boasted a 'Got PKI?' theme centered around PKI best practices and the power of digital certificates on mobile devices. Booth conversations included PKI as a service in addition to leveraging CSS' own software solution, the Certificate Management System (CMS) for digital certificate management and enrollment in a Microsoft PKI. Visitors to the booth were genuinely excited to see a mobile security solution from a company that "gets" PKI. CSS' CTO, Ted Shorter, and Director of Business Development, Uri Lichtenfeld, presented a theater session titled 'Do's and Don’ts of PKI and Certificate Management for Mobile Devices.' Check out the photos below:

Read More

Topics: digital certificate, Fulfillment and governance tools for IAM, consumerization of IT, apple, iPhone, digital pki, digital certificate management, Public Key Infrastructure, Certificate Management System (CMS), mCMS, certificate remediation, Microsoft Public Key Infrastructure, iPad, Certificate Reporting Tool (CRT), PKI, Microsoft PKI, iOS management certificates, Microsoft-centric infrastructure, iOS, Blog, expanded compliance and forensic issues, mobile certificates, BYOD, Got PKI?

Apple Products Becoming (Business) Mainstream

Posted by CSS Marketing on Feb 9, 2012 4:00:13 AM

The popularity of Apple’s iPads and iPhones among consumers are well documented, but recent findings from Forrester Research shows that these devices are gaining steam in the corporate world.

The “Consumerization of IT” or BYOD (Bring Your Own Device) has become a common occurrence among all departments, and not surprisingly, Apple is leading the way among what Forrester calls “information” workers — workers that use a computer for work an hour or more per day. And the more senior the individual, the more they are using Apple devices:

  • More than 1 out of 5 (21%) of 10,000 surveyed Information workers use one or more Apple device at work
  • The number of Apple BYOD-ers doubles to 2 out of 5 professionals (41%) for those with the title “Director of IT” or higher
Read More

Topics: digital certificate, Microsoft Active Directory AD, certificates, apple, iOS 5, iPhone, IT Security, Microsoft Security Partner, digital pki, Certificate Reporting Tool, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, mCMS, Microsoft Public Key Infrastructure, Active Directory Certificate Services, iPad, PKI, Microsoft PKI, iOS management certificates, Microsoft and Apple, iOS, Blog, Active Directory, mobile certificates, BYOD, AD, Got PKI?

Apple Cozying Up to Microsoft Partners? CSS' mCMS

Posted by CSS Marketing on Nov 18, 2011 7:19:57 AM

This week we’ve seen the latest chapter in the Microsoft/Apple love/hate relationship… and it would seem that love is conquering all… at least for the time being. As CRN reports, Apple is reaching out to Microsoft partners that can help integrate iPhones and iPads into enterprise environments.

We’re seeing a bit of a perfect storm for Apple and Microsoft to work together – at least in the mobile space – as more and more organizations are taking a look at moving to or allowing iPhones (and iPads). Combining the robust multi-faceted Microsoft Core Infrastructure platform and Apple’s trendy “must-have” market monopolizing devices, Apple and Microsoft are “on again,” albeit in the relatively limited smartphone and tablet arena.

Read More

Topics: digital certificate, iPad security, apple, iOS 5, iPhone, IT Security, consumerization, Microsoft Security Partner, Certificate Reporting Tool, Certificate Management System (CMS), Industry Trends, mCMS, Software Products, Microsoft Public Key Infrastructure, iPad, SCEP, mobile security, Microsoft, Microsoft PKI, CRT, iOS management certificates, mobile certificate, Microsoft and Apple, iOS, Blog, iPhone security, secure enrollment, BYOD, Got PKI?

About Time

Posted by CSS Technical Team on Oct 18, 2011 5:05:00 AM

In my previous blog, I talked about the necessity of a Time Stamping Authority (TSA) in regards to non-repudiation. In this blog we are going to have a closer look at time itself, talk about why accurate time is important, and how to achieve accurate time in your own organization.

Read More

Topics: Issuing CA, Certificate authority, IT Security, Microsoft Security Partner, Master Clock, Public Key Infrastructure, TSA, NTP, Microsoft Public Key Infrastructure, SNTP, Simple Network time Protocol, Microsoft PKI, Stratum-2, Stratum-1, Blog, Network time Protocol, Got PKI?, Time Stamping Authority

Time Stamping Authority

Posted by CSS Technical Team on Jun 2, 2011 5:00:11 AM

It is safe to say that everything has gone digital. In an age where people are farming virtual farms and tending to online fish tanks, why wouldn't the need for a "virtual signature" become apparent? When it comes to replacing your "John Hancock" with a time stamp, the risk of a security compromise becomes heightened. Luckily, there are protective security measures that can easily minimize risk.

Read More

Topics: Adobe Acrobat, Microsoft Security Partner, digital pki, Public Key Infrastructure, Microsoft Public Key Infrastructure, time stamp, Microsoft PKI, time stamped signature, Blog, Time Stamp Server, Time Stamp Protocol, Got PKI?, Time Stamping Authority

RSA SecurID and Lockheed Martin Breach

Posted by Chris Hickman on May 31, 2011 11:55:35 AM

CIOs, CSOs and IT Security personnel are confronted with the realization that the RSA SecurID breach may have impacts that extend well beyond RSA itself, and into its customer base. While the admission of a breach at RSA this past March is cause for alarm, the recent event at Lockheed Martin should also inspire action. It is widely reported that the breach on Lockheed Martin’s VPN was executed by spoofing RSA Secure ID tokens. The spoofing of those tokens likely involved at least some information gained as a result of the breach at RSA.

The reality of this recent attack clearly illustrates the need for organizations to constantly review IT security and make adjustments and changes to technology and policies as things change. Security is a process, not a point in time event to check off a to-do list. Whether you use RSA Secure ID or other technologies, user authentication should not be your only defense against unauthorized access to your network.

Read More

Topics: Lockheed Martin, IT Security, Microsoft Security Partner, digital pki, 2-factor authentication, Industry Trends, Microsoft Public Key Infrastructure, smartcards, RSA, Microsoft PKI, Blog, RSA Secure ID tokens, Got PKI?

Posts by Topic

see all

Want to Learn more about CSS?