PKI Blog

SCARIER THINGS: Protect Your IoT Assets with HSMs

Posted by Anthony Ricci on Oct 11, 2017 11:47:25 AM

Although Halloween happens once a year, evil lurks in the digital IoT world all year round.  Systems must be protected 24/7/365. 

Although Halloween happens once a year, evil lurks in the digital IoT world all year round.  Systems must be protected 24/7/365 to ensure that the ‘Demogorgon’ does not make it’s way through the portal into the system.  One concern is the protection of our cryptographic keys.  Although there are many ways to accomplish this, it is not an easy decision.

Read More

Topics: Public Key Infrastructure, PKI, Hardware Security Module, IoT, Internet of Things (IoT), HSM, LiveWorx

Who’s Watching Your Public Key Infrastructure (PKI)?

Posted by Andrew Prayner on Oct 6, 2017 10:28:43 AM

If you're not watching your PKI...who is?

 As ominous as the title sounds, this blog will actually focus on the parties that should have eyes on your public key infrastructure (PKI), rather than the “bad actors” who shouldn’t.  The latter is no less important, however, and that could easily be the topic of a future blog.

Read More

Topics: Managed PKI, Public Key Infrastructure, PKI, DIY PKI

“CAN YOU KEEP A SECRET?” KEEPING YOUR IOT DEVICES SAFE AND SECURE–CRYPTOGRAPHY 101

Posted by Anthony Ricci on Sep 13, 2017 10:35:59 AM

Why do I care about cryptography as an IoT architect? What is the deal with cryptography? Why does cryptography matter in the IoT world?

Currently, it is estimated that there are about 8.4 billion devices online.  Within the next 3 years, the number will be over 20.4 billion devices.  As more connected devices are deployed, there becomes a greater need to control and manage the identity of those devices. There is also a need to protect the devices “data at rest” and “data that is transmitted.” Cryptography gives us a way to do that with high assurance and reliability.

 

Read More

Topics: Public Key Infrastructure, PKI, IoT, Internet of Things (IoT), LiveWorx, Cryptography

How I Lost Control of My PKI

Posted by Ex-PKI Guy on Jun 27, 2017 9:24:02 AM

My alarm signals like an acoustic guitar. I really need to change that sound – it’s starting to get on my nerves. A quick email scan before I begin my morning routine. Justin was finally able to get the domain joined machines in the correct group policy – nice. Next email, a support ticket stating access to the vacation request system was denied. Probably just another user error, I’d get to it later on.

Read More

Topics: Public Key Infrastructure, PKI

The Real Cost of an Expired Digital Certificate

Posted by CSS Technical Team on Jun 22, 2017 1:03:04 PM

The average global 5,000 company spends about $15 million to recover from a certificate outage. These estimates are based on a Ponemon survey of about 2,400 global respondents which include remediation costs, loss of productivity, lost revenues, and brand image damage.

Read More

Topics: digital certificate, Public Key Infrastructure, PKI, Digital Identity Management, Unplanned Outages

GlobalSign Certificate Conundrum – Why Doing PKI Right is Hard

Posted by Ted Shorter on Oct 14, 2016 12:39:36 PM

Yesterday (October 13, 2016), certain segments of the Public Key Infrastructue (PKI) world were spun into a frenzy, when a GlobalSign CA certificate appeared to have been revoked.  Clearly, revoking a CA certificate is a significant event, as all certs that chain through that CA effectively become invalid.

Read More

Topics: Public Key Infrastructure, PKI, GlobalSign, HTTPS, PKI GlobalSign

Advantages of a Professionally Managed PKI

Posted by CSS Technical Team on Sep 22, 2016 1:55:14 PM

Cybersecurity Today

Ever-evolving security challenges are dominating today’s IT landscape. Malicious actors are using every avenue possible to access sensitive and valuable data, from social engineering and DDoS to brute force methods. For example:

Read More

Topics: Public Key Infrastructure, PKI, PKI as a Service (PKIaaS), Public Key Infrastructure (PKI), PKI Managed Service, Managed Services, PKI help, PKI Health, PKI vendor

Top 5 Root CA Key Signing Ceremony Mistakes

Posted by Wayne Harris on Aug 31, 2016 9:03:30 AM

Trust, as it pertains to most components within a Public Key Infrastruture (PKI) is earned. It’s established as the result of some sort of evaluation. An evaluation that often involves a revocation check or policy check.

In the case of the root CA however, trust is *not* earned. In the case of the root CA, trust is assigned. This assigned trust is quite often mandatory from the perspective of subscribers and relying parties.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Root CA Security, Root CA Key Signing Ceremony Mistakes

Let’s Get Physical – Securing Your Enterprise’s Root Certificate Authority

Posted by Max Szaniawski on Jun 1, 2016 10:20:24 AM

Having the privilege to work with some of the best, if not the best PKI and security professionals in the field, I have learned the extreme importance of the practices used in securing the root certification authority (CA) platform. This includes software level security, hardware level security, and physical security.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Securing a root CA, Root CA Security

Authentication in an Ultra-Connected World: Internet of Things

Posted by Ted Shorter on Oct 1, 2015 6:05:00 AM

As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates landed primarily on what I’d describe as “traditional” IT infrastructure – servers, desktops, laptops, smart cards, RADIUS servers, or VPN concentrators. But since then, things have gotten much more interesting. Handheld scanners. Surgical robots. VOIP phones. Set-top boxes. Cable modems. Even heart monitors and IV pumps.

Read More

Topics: install certificates onto devices, digital certificates, cert, embedded systems, certificate, Microsoft Security Partner, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, Microsoft Public Key Infrastructure, Cisco Internet of Things, embedded certificates, embedded devices, Microsoft PKI, X.509 digital certificates, Internet of Things, IoT, Blog, Internet of Things (IoT), certificate install, BYOD, PKI Assurance

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?