Distributed vs Centralized Key Management

The need for mitigating risk with an appropriate key management system (KMS) is critical to the success of any organization that shares sensitive data across networks.

Here is a breakdown of two common types of KMSs and how risk mitigation can be successfully accomplished.

Read more

Differentiating between managing the lifecycle of cryptographic keys, protecting the keys and using the keys

The modern world of cybersecurity can be a confusing place. There are tomes of data, regulations, and mandates in addition to the complex technical aspects. This is especially true when it comes to crypto key management systems (KMSs).

Read more

eIDAS – Breaking the SME Barrier

In a recent article, we looked at how eIDAS can help SMEs grow and prosper. SMEs are undoubtedly the lifeblood of any economy which means that EU initiatives must cater to their specific needs. The previous article looked at how eIDAS can address the security needs of SMEs while reducing their regulatory burden and allowing them to focus on their core competencies.

However, SMEs have a unique set of challenges as well. Today, we look at some of the challenges unique to SMEs and how those challenges may be overcome to ensure that SMEs can benefit from eIDAS enabled tools to the maximum extent possible.

Read more

Exploring the WYSIWYS Concept – What You See Is What You Sign

What You See Is What You Sign (WYSIWYS) refers to the part of any signature process, where you read a document you intend to sign, and ensure that you only sign it once you know it is the right document and agree with its terms. When you read something in your web browser, how can you be sure that the text you read is genuine, from the right source, and agree on the content it displays?

Read more

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.

Read more

How to Improve HSM Usability

In this article we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these problems.

Read more

How Common Criteria Helps Organizations Choose the Right HSM

Hardware Security Modules (HSMs) are used in all card payment systems (as well as various other applications that require strong security) to protect business transactions and sensitive information. HSMs allow authentication, encryption/decryption and management of cryptographic keys to occur with the highest level of security. The globally-recognized HSM certification, Common Criteria (CC), guarantees the assurance level of an HSM. This article explores how CC helps in choosing the right HSM for your business needs.

Read more

Benefits of the eIDAS Toolbox – Case Studies from Various Industries (Part 2)

In Part 1 of our series, we covered some simple case studies from the financial services sector and the logistics and trade sector. We looked at possible implementations of some eIDAS enabled tools and how companies can get the most mileage out of their investments into those tools. Today, we look at eCommerce – a sector that is no stranger to digital tools – and the professional services sector.

Read more

Benefits of the eIDAS Toolbox – Case Studies from Various Industries (Part 1)

The eIDAS Regulation has been designed with an aim to optimize digital business practices while simultaneously enhancing security for all users. It allows for better cross border operational compatibility and improves the flow of information which makes the modern economy tick. We have discussed many such aspects of eIDAS in previous articles, but in this two-part series we explore some real-world applications through a few case studies. Here we look at how businesses in the finance and logistics sectors can benefit from the various tools that eIDAS provides.

Read more