Relevant Items

A Fresh Take on PKI | BLOG

As discussed in our first Digital DNA series blog post, organizations are recognizing opportunity and driving toward new digital business models. However, security and risk are seen as major bottlenecks and putting appropriate controls in place is required to allow for the required agility in these models. In the last post we discussed how identity can be woven into the fabric of the business to establish trust within and across systems and to provide a strong foundation from which to enable the business model. In August, Gartner issued a report titled PKI Is Gearing Up for the Internet of Things. While IOT is an important aspect of what’s addressed in the report and a foundational aspect of digital business (and something we’re really excited about), the focus on IoT in the title somewhat undervalues the breadth of content covered in the report. In the report, the analyst discusses the resurgence of PKI as a result of IoT, mobility and cloud, and reviews best practices and considerations for deployment, and talks to disruptive technologies such as blockchain (another thing we’re excited about), DevOps and Quantum Computing. Enterprises in every market — from banking and insurance to aerospace and retail — are rapidly pushing beyond their traditional perimeters and creating complex digital ecosystems that connect customers, partners, mobile workers, apps and devices. The goal of these widespread enterprise transformations is to create the perfect integration of the physical and digital worlds — and truly create transformational business models that redefine markets, accelerate innovation processes and allow enterprises to establish deeper and more integrated relationships with their customers. This transformed world of connected people, devices and applications requires a new lens from which to view security. This means a shift from traditional password and user-name security to an approach based on trusted identity. The best way to issue, track, update, revoke and generally manage identities in a digital ecosystem is with digital certificates — which makes PKI a necessity. The idea of deploying and managing a PKI solution is likely to conjure up thoughts of technical complexity and the need for highly specialized — and highly paid — in-house talent. The good news is, this is no longer true. PKI technology was a bit complicated and required a somewhat specialized staff when it was first introduced and adopted by governments, banks and other organizations with high-assurance security needs. Cost was also an issue for some, who often turned to “free” PKI. This model created serious management — and cost — issues because each “free” PKI was a point solution, which meant every application required a dedicated in-house certificate authority (CA). To be fair, Entrust Datacard is well represented in the aforementioned report and it’s fair to say that pointing this out is a bit promotional, but PKI is in our DNA and I think it also represents our strategic view as an organization.  The innovations we continue to bring to the technology are giving the world’s most trusted PKI a digital makeover. In other words, we continue to simplify the PKI user experience — while improving its ability to enable digital business and help enterprises safeguard against the potential vulnerabilities that would otherwise accompany an expanding digital business ecosystem. Come back next week as we continue our Digital DNA blog series with a post on PKI and the identity evolution.