What is Banking-Grade Tokenization According to PCI DSS

The concept of a token has been used in the digital world for almost 50 years to separate and protect real data elements from exposure. In recent times, tokenization has been used as a security mechanism for protecting sensitive data. When tokens are used for data security, non-sensitive data elements that have no exploitable value act as a substitute for sensitive data elements. The tokens act as an identifier/reference that maps back to the sensitive data being protected through the tokenization system. Here we look at banking-grade tokenization in relation to PCI DSS.


The Need for a Crypto Abstraction Layer: Utilizing HSMs with Greater Efficiency and Agility

With increasingly tough security and privacy regulations, the use of cryptography is exploding in the modern enterprise. Hardware security modules (HSMs) provide the highest standard of security and compliance, but they are difficult to use and often deployed in silos, complicating compliance and hindering crypto-agility. As competitive pressures intensify, how can cryptography be turned into an enabler of business agility and digital transformation?


Achieving Software Integrity Through Centralized Code Signing

The phrase “…Software is eating the world.” was famously used by Marc Andreessen in a WSJ article in 2011. It is now 2019 and one could argue that software has successfully eaten the world.


Achieving Agile Cryptography Management with Crypto Service Gateway (CSG)

CSG helps you realize business-agile and efficient crypto services, with central control of security policy and crypto hardware. In this article, we will look at some of the use cases that address common crypto headaches whilst generating a strong return on investment.


What is Quantum Computing and how does it relate to today’s Cryptography Infrastructure Investments

The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating infrastructure expansion and upgrades. Quantum computing is still being developed but gets closer to reality every day. Here we look at the high-level impacts of quantum computing in relation to cryptographic infrastructure.


Differentiating between managing the lifecycle of cryptographic keys, protecting the keys and using the keys

The modern world of cybersecurity can be a confusing place. There are tomes of data, regulations, and mandates in addition to the complex technical aspects. This is especially true when it comes to crypto key management systems (KMSs).


What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API), also known as a library, that hides from program developers the cryptographic details they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). CALs are essential in the world of InfoSec because expert developers are not usually expert cryptographers or even security personnel, and so they need all the help they can get when it comes to implementing cryptography.


How to Improve HSM Usability

In this article we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these problems.


What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.
