Dawn M. Turner (guest)

Dawn M. Turner is a professional author with a passion for technical regulations and standards, as well as for their relevance and impact on corporate operations and industry in general. Dawn has more than 10 years of IT industry experience in hardware, programming & systems & network engineering. Her educational background includes a Certificate in computer operations & programming, CompTIA and Microsoft certifications, including A+, MCSE and MCP, Associates degree with major in business & minor in computer science, Bachelors of Science degree with major in business forensics & minor in accounting and an MBA with concentrations in finance & economics.
Understanding the Concepts of Bring Your Own Key

Understanding the Concepts of Bring Your Own Key

Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing to understand the various meanings that exist under bring your own key. To help understand this, the Cloud Security Alliance (CSA) in its document “Key Management in Cloud Services” has been helpful in describing the various meanings and concepts surrounding “Bring Your Own Key.”

eIDAS-compliant eSignatures: Business Continuity in Times of COVID and Beyond

eIDAS-compliant eSignatures: Business Continuity in Times of COVID and Beyond

The COVID-19 pandemic put many industries to the test as they found alternate ways to serve their customers and manage to survive the crisis. The banking and finance sector may have already been ahead of the curve with digitalisation.

Cryptomathic CKMS: Centralized & Automated Key Management for payShield HSMs

Cryptomathic CKMS: Centralized & Automated Key Management for payShield HSMs

Banks and financial institutions must adhere to a rigorous set of security and regulatory practices to protect data, communications, and processes.

Selecting the Right Key Management System

Selecting the Right Key Management System

The protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data secure. Picking the wrong key management system (KMS) can thwart all the efforts that have been made in using cryptography to protect information.

Air India's Massive Data Breach - following best practices for data security is more important than ever

Air India's Massive Data Breach - following best practices for data security is more important than ever

Recent events throughout the world have evidenced that high-profile hackers and state-sponsored attempts at security breaches have been steadily increasing since 2020. It is becoming rapidly apparent that no sector is immune to becoming a victim of a data breach, including the airline industry, where the safety of crew and passengers is put at grave risk.

Misuse of X.509 Certificates & Keys Involved in SolarWinds Attack

Misuse of X.509 Certificates & Keys Involved in SolarWinds Attack

This article discusses the misuse of X.509 certificates and keys in the SolarWinds attack and how Cryptomathic CKMS and CSG could help protect against such attacks.

Plugging the Security Gaps in Mobile Banking Apps

Plugging the Security Gaps in Mobile Banking Apps

An investigation conducted by "Which?", a consumer watchdog group based in the UK, found serious vulnerabilities in the security of banking security systems, including mobile banking apps.

Cryptomathic Signer’s QSCD is Certified Based on the Common Criteria Recognition Arrangement

Cryptomathic Signer’s QSCD is Certified Based on the Common Criteria Recognition Arrangement

Cryptomathic’s Signer is the only qualified (electronic) signature creation device (QSCD) that is certified under the SO-GIS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target conforms to the certified protection profile EN 419 241-2.

Understanding the Certificate Authority in the Context of eIDAS

Understanding the Certificate Authority in the Context of eIDAS

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity of qualified electronic signatures.