Jun 29, 2020 2:32:13 PM

[Webinar Recap] Modernizing Your PKI Infrastructure and Security with Keyfactor and Thales

Over the years, the definition, functionality, and team required to operate a modern PKI infrastructure has drastically changed. Between rapid advancements in the cloud and the need to prepare for quantum, more and more organizations are seeking out solutions, like Keyfactor Control and Thales’ SafeNet DPoD, to help secure business, stay compliant, scale and free up internal resources.  

Learn more about the importance of building a modern PKI infrastructure and how to scale the security to support the growing uses of PKI in the webinar or text below:  

 

What does the Keyfactor and Thales partnership provide for the world of PKI?  

Keyfactor and Thales partnered to develop an integration that delivers secure code signing to software vendors, mobile app developers, enterprise IT organizations, and manufacturers of IoT devices.  

The integration combines Keyfactor Control PKI solutions and Gemalto’s cloud-based SafeNet Data Protection On Demand (DPoD) and SafeNet Luna Hardware Security Modules (HSM), which allows enterprises and IoT-enabled manufacturers a secure PKI, whether in-cloud or in client-hosted environments. The solution's cloud delivery meant users quickly recognized benefits that included a highly customizable, flexible, and scalable secure PKI. The partnership enables several cloud solutions including PKI, SSL application security, code signing, firmware updates, IoT device management, data encryption, key management, and user access control.  

Until this collaboration, enterprises needed to build and integrate disparate systems to realize the value of digital transformation. Without a cloud-based root of trust and strong key management, large scale of IoT deployments would not be possible. Now, enterprises can efficiently deploy these secure, cloud-based services within hours while maintaining trust at scale. Our solution interacts with every PKI use case, both public and private, and provides lifecycle management for every identity and key pair.  

 

How has cloud helped modernize and change the way business and security leaders think about PKI?  

As time spent in the cloud continues to grow, CISOs, CIOs, and GRC teams have started to realize the growing importance and need for a scalable, forward-thinking level of certification and auditability to secure and protect critical data.  

Keyfactor implements SOC 2 Type 2’s on an annual basis and is continuously looking at the compliance landscape for markets and industries that are asking for our help when it comes to cloud security solutions.  

 

How has a greater focus on remote business and cloud-based data in the past few months, shifted conversations about security and data protection with business leaders?  

When much of the working world went remote at the introduction of COVID-19, organizations rushed to provide secure connections and authentications at scale, which ended up shedding an unintentional light on the importance of where data was being stored within their business, convincing leader to prioritize a digital transformation to make data more accessible.   

However, that is only scratching the surface of a digital transformation. The conversation begins to transform into one focused on PKI and the use of digital certificates and encryption keys when leaders begin talking about the need to implement proper authentication for universal recognition of users across multiple different cloud assets and how data is encrypted across those assets.  

 

As this “digital transformation continues to expand, what are the best recommendations for whether a hosted or in-house PKI solution is the best for business and security?   

Because of the growing complex nature of security needs, more and more organizations are looking at managed services.  

When looking at PKI basics, trying to manage current keys and certificates, issue new ones, and retire old ones while trying to maintain policies, compliance and a high level of security is a tall order for most organizations to fulfill on their own. In large part, due to a shortage of staff with the knowledge and experience to manage those processes.   

According to a recent Ponemon study, only about 38% of respondents thought they were properly staffed for managing PKI keys and certificates in their organization.   

By working with a cloud solution provider that can manage your PKI, like Keyfactor and Thales, organizational personnel and skillsets are freer to focus on enabling use cases for the business to be more secure.   

 

In addition to the advancement of the digital transformation, how does quantum computing impact the need for future-minded, scalable security?  

Quantum computing can create the risk of malicious actors being able to hack and gain access to things at levels we’ve never seen before. This introduces the need for crypto agility post-quantum, and in the case for IoT, in a way that is quick enough to mitigate risk in a customer-friendly way.  

The best way to stay crypto-agile and not have to create a customer recall as a manufacturer is to start building crypto into your products and their lifecycles as soon as possible. In short, quantum computing is pushing organizations to modernize their infrastructures with devices and solutions, like Keyfactor and Thales, as much as possible as the Digital Transformation continues to snowball.