Over the last 10 years, enterprises have moved on from decentralized and distributed key management to centralized key management systems to provide secure and unified key life-cycle management.

With increasingly tough security and privacy regulations, the use of cryptography is exploding in the modern enterprise. Hardware security modules (HSMs) provide the highest standard of security and compliance, but they are difficult to use and often deployed in silos, complicating compliance and hindering crypto-agility. As competitive pressures intensify, how can cryptography be turned into an enabler of business agility and digital transformation?

The following content is an introduction to trust services and remote Qualified Electronic Signatures (QES) according to the eIDAS regulation and standards. This article is aimed at highlighting what a trust service provider (TSP) is and the valuable benefits of remote QES and other trust services.

This article looks at the concept of cryptographic key management – what it is, why it’s important, and how an electronic key management system simplifies the task of managing a high volume of keys.

Ensuring that the integrity of an e-signature remains intact is crucial to protecting its attached messages or documents. This article will explain three types of e-signature validation attacks and how they can be avoided by adopting the standards for e-signatures under eIDAS.

This article outlines the importance of code signing and describes a centralized approach for securing and streamlining the code signing process through technical and procedural enhancements.

With data protection standards, such as GDPR, and the sheer mass of data that companies collect and accumulate, the protection and control of information has become increasingly important. The deployment of encryption is the backbone of any given organisation’s systems security scheme towards the goal of data protection.

In this article we look at the role of random number generators (RNGs) and put them into a procedural context with hardware security modules (HSMs) and key management systems (KMSs). 

In Part 1 of our article, we briefly summarised the challenges faced in the uptake of eIDAS services for SMEs. A recent study conducted for the European Commission found that awareness and lack of resources were the main barriers. Efforts to highlight the benefits of eIDAS services through real-life case studies was also found to be lacking. In order to address these barriers to adoption, certain recommendations were made which are summarised below.