Crypto Service Gateway - Cryptomathic

Crypto Service Gateway

Managing and Deploying Crypto - A Costly Affair

Crypto is costly to implement, operate and maintain. There are direct costs associated with acquiring and maintaining hardware and software, but there is perhaps an even greater aspect of cost associated with the integration and ongoing management. Crypto is complicated, and tends to be decentralised and function- or project-driven, in other words, highly specialised and tailor-made for each instance. General developers - skilled as they are at writing applications, rarely have the required expertise needed for writing and integrating crypto code. In turn that has an impact on cost through additional resource, extended time to market, error correction, stability and compliance.

Consider the advantages that can be gained through offering cryptography as a service, just like other IT services - running as a centralised and integrated service ready for use any time of day. That would remove most of the traditional difficulties and solve many infrastructural problems presiding in organisations that use crypto for a lot of applications.

Crypto Service Gateway

The Crypto Service Gateway (CSG) is a unique technology that allows organisations to apply crypto to new as well as existing applications without having to change the core infrastructure. Rather than having to build security around each application individually, all applications can access one set of hardware servers with software crypto and HSMs (Hardware Security Modules) for all crypto functions. CSG represents a completely new way of thinking and managing crypto. Until now many organisations that rely on crypto, particularly banks - have a growing security infrastructure that is becoming so big that it is becoming impossible to manage and maintain, especially with more and more crypto being added over time. Cryptomathic developed CSG along with key sparring partners in the financial services industry - one being a card payment hardware vendor and the other a major high street UK bank. The end result is a solution that can be used for almost any type of crypto and application, e.g. database encryption and tokenization, digital signatures and so forth.

CSG Diagram

Besides providing a viable crypto security infrastructure for the future, CSG solves a number of vital problems by delivering crypto as a service, of which the biggest are:

  • Readily available to integrate with
  • Simple integration using CQL - Crypto Query Language
  • No need to acquire more software and hardware
  • Ensure that crypto is done correctly
  • Centralised and automated key management
  • Proof of compliance - internal, PCI, regulatory...
  • Central policy enforcement and secure audit
  • 24/7 service
    .... and many more.

Click here for more business advantages that can be gained from CSG.

Centralised & Automated

Centralised authentication and crypto policy enforcement gives control to security decision makers, and allows developers to focus on application software, free from crypto worries such as 3DES migration, key lengths, HASH functions and so on. Digitally signed audit logs and easy-to-read policy language prove enforcement of internal and external compliance requirements, e.g. workflows and PCI DSS. On top of that, automated processes can be applied to minimise human interaction and error.

View the CSG Workflow Demonstration Preview on applying changes to crypto functions using the central policy enforcement in CSG.

Contact to view the full online workflow demonstration.

Small Investment - Big Saving

The Crypto Service Gateway saves customers' precious time and money. The potential benefits of implementing the CSG are countless and some dependent upon individual customers set-up and requirements. Some major reason for using CSG includes the following reductions:

  • Reduce HSM stock and avoid vendor tie-in
  • Development time integrating applications with HSM security
  • Resources for managing, monitoring, and auditing crypto
  • Electricity and environmental impact
  • Maintenance and support on HSMs
  • Travel to and from data centres
  • Compliance complexities
  • Human error
  • And many more...

CSG Safe

The Future Solution

Most hardware security module vendors have proprietary formats, which makes it difficult if not impossible to mix and match HSMs from different vendors. This has long been an issue for HSM users but there has never been a solution to that problem until now...

Cryptomathic's CSG is a leading edge solution, designed and developed for customers running a range of applications requiring HSMs from a variety of vendors. CSG is used by high street banks in addition to technology and services providers. CSG is the next step in providing applications and users with the highest level of protection - through HSM cloud security.

Contact us to explore the most cost-effective methods of managing cryptographic keys and encryption services - whether it be an in-house system or a fully managed service for cloud computing.