Server and Device Hardening Recommendations for Key Management Systems

This article discusses the procedures and techniques used in key management system hardening for servers and devices. 

Read more

Classification of Cryptographic Keys (Functions & Properties)

This article describes the functions and properties of the various cryptographic key types used for securing digital communications. Recommended crypto-periods are also discussed.

Read more

Key Management Considerations For Creating a Domain Security Policy

This article discusses the necessary exchange of information between entities within a security domain and other entities outside of the security domain, including recommendations to regulate and secure this flow through the Domain Security Policy.

Read more

Cryptographic Key Management Policy: a layered approach

 

This article discusses the functions and use of hierarchical layers when establishing a cryptographic key management policy, and how the policy layers interact.

Read more

How To Solve The Biggest Problems With Key Management

Cryptographic keys are used to secure data-at-rest and data-in-transit. Trying to keep them protected yet always available for use is one of the most difficult problems in practical cryptography. Improper key management can lead to key leakage, where an attacker obtains the key and recovers the sensitive messages from the encrypted data.


This article discusses the key management problems and Cryptomathic's approach to solving the challenges faced by large organizations that use cryptography for variety of applications.

Read more

How Leading Banks Excel at PCI DSS through Key Management

During April 2015, PCI DSS v3.1 was released as the latest iteration for industry-wide requirements and guidelines for securing cardholder data. 

This blog post discusses the cryptographic key management techniques used in the banking industry to comply with PCI DSS.

Read more

Advantages of Centralized Key Management

Traditionally, end-to-end lifecycle key management was achieved through inefficient paper-based procedures and highly resource intensive tasks performed by 4 or 5 employees, but this inefficient process leads to human errors and is very time and resource consuming. Centralized cryptographic key management is the best solution to overcome such dependency on individuals.

This article discusses the advantages of using a centralized key management system.

Read more

7 Tips for Correct Usage of Encryption to Secure eGovernment Processes

Encryption has become the most essential part of securing data online. The biggest headache to the Cybersecurity industry is a data breach. The last few years have seen an increase in hacking and exposure of confidential data to individuals or cyber criminals. Lack of data protection or data encryption has been one of the major reasons behind such security breaches.

Recently, a healthcare industry data breach occurred because the company stored Social Security Numbers of 80 million customers without encrypting them. The subsequent paragraphs suggest a set of best practices that can help to improve the level of cyber security in eGovernment transactions.

Read more

10 Tips for a Cryptographic Key Management System in the Banking Industry - a Penetration Testing Perspective

This article discusses the shortcomings and learnings from penetration testing of cryptographic key management systems for banking organizations.

Read more