Crypto is costly to implement, operate and maintain. There are direct costs associated with acquiring and maintaining hardware and software, but there is perhaps an even greater aspect of cost associated with the integration and ongoing management. Crypto is complicated, and tends to be decentralised and function- or project-driven, in other words, highly specialised and tailor-made for each instance. General developers - skilled as they are at writing applications, rarely have the required expertise needed for writing and integrating crypto code. In turn that has an impact on cost through additional resource, extended time to market, error correction, stability and compliance.
Imagine, however, a future that offers crypto as a service, just like other IT services - running as a centralised and integrated service ready for use any time of day. That would remove a lot of hassle and solve big infrastructural problems presiding in organisations that use crypto for a lot of applications.
The Crypto Service Gateway (CSG) is a technology that allows organisations to apply crypto to new as well as existing applications without having to change the core infrastructure. Rather than having to build security around each application individually, all applications can access one set of hardware servers with software crypto and HSMs (Hardware Security Modules) for all crypto functions. CSG represents a completely new way of thinking and managing crypto. Until now many organisations that rely on crypto, particularly banks - have a growing security infrastructure that is becoming so big that it is becoming impossible to manage and maintain, especially with more and more crypto being added over time. Cryptomathic developed CSG along with key sparring partners in the financial services industry - one being a card payment hardware vendor and the other a major high street UK bank. The end result is a solution that can be used for pretty much any type of crypto and application, e.g. database encryption and tokenization, digital signatures and so forth.
Besides providing a viable crypto security infrastructure for the future, CSG solves a number of vital problems by delivering crypto as a service, of which the biggest are:
Centralised authentication and crypto policy enforcement gives control to security decision makers, and allows developers to focus on application software, free from crypto worries such as 3DES migration, key lengths, HASH functions and so on. Digitally signed audit logs and easy-to-read policy language prove enforcement of internal and external compliance requirements, e.g. workflows and PCI DSS. On top of that, automated processes can be applied to minimise human interaction and error.
The Crypto Service Gateway saves customers' precious time and money. The potential benefits of implementing the CSG are countless and some dependent upon individual customers set-up and requirements. Some major reason for using CSG includes the following reductions:
Most hardware security module vendors have proprietary formats, which makes it difficult if not impossible to mix and match HSMs from different vendors. This has long been an issue for HSM users but there has never been a solution to that problem until now...
Cryptomathic's CSG is a leading edge solution, designed and developed for customers running a range of applications requiring HSMs from a variety of vendors. CSG is used by high street banks in addition to technology and services providers. CSG is the next step in providing applications and users with the highest level of protection - through HSM cloud security.