eIDAS – Breaking the SME Barrier

In a recent article, we looked at how eIDAS can help SMEs grow and prosper. SMEs are undoubtedly the lifeblood of any economy which means that EU initiatives must cater to their specific needs. The previous article looked at how eIDAS can address the security needs of SMEs while reducing their regulatory burden and allowing them to focus on their core competencies.

However, SMEs have a unique set of challenges as well. Today, we look at some of the challenges unique to SMEs and how those challenges may be overcome to ensure that SMEs can benefit from eIDAS enabled tools to the maximum extent possible.

Read more

Exploring the WYSIWYS Concept – What You See Is What You Sign

What You See Is What You Sign (WYSIWYS) refers to the part of any signature process, where you read a document you intend to sign, and ensure that you only sign it once you know it is the right document and agree with its terms. When you read something in your web browser, how can you be sure that the text you read is genuine, from the right source, and agree on the content it displays?

Read more

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.

Read more

How to Improve HSM Usability

In this article we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these problems.

Read more

How Common Criteria Helps Organizations Choose the Right HSM

Hardware Security Modules (HSMs) are used in all card payment systems (as well as various other applications that require strong security) to protect business transactions and sensitive information. HSMs allow authentication, encryption/decryption and management of cryptographic keys to occur with the highest level of security. The globally-recognized HSM certification, Common Criteria (CC), guarantees the assurance level of an HSM. This article explores how CC helps in choosing the right HSM for your business needs.

Read more

Benefits of the eIDAS Toolbox – Case Studies from Various Industries (Part 2)

In Part 1 of our series, we covered some simple case studies from the financial services sector and the logistics and trade sector. We looked at possible implementations of some eIDAS enabled tools and how companies can get the most mileage out of their investments into those tools. Today, we look at eCommerce – a sector that is no stranger to digital tools – and the professional services sector.

Read more

Benefits of the eIDAS Toolbox – Case Studies from Various Industries (Part 1)

The eIDAS Regulation has been designed with an aim to optimize digital business practices while simultaneously enhancing security for all users. It allows for better cross border operational compatibility and improves the flow of information which makes the modern economy tick. We have discussed many such aspects of eIDAS in previous articles, but in this two-part series we explore some real-world applications through a few case studies. Here we look at how businesses in the finance and logistics sectors can benefit from the various tools that eIDAS provides.

Read more

The benefits of an automated and centralized key management system

The aim of this article is inform you on how to implement proper key management and to answer 3 important questions regarding centralized and automated key management:

  1. What is Centralized Key Management?
  2. How can a centralized system help meet regulatory compliance?
  3. How can automation further improve the life cycle management of keys?
Read more

How to Reduce Cryptography-Risks related to PCI DSS

The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their clients’ sensitive data, which typically includes the use of strong cryptography as dictated by PCI DSS requirement 3. Most organisations empty this burden on the IT department or IT management teams and hope all their compliance is covered. However, in most cases when there is a data breach, the burden lies on the shoulders of the C-level management, who are left to answer to the difficult questions.

Read more