Insights and Outlooks from the Digital Identity Market Leader

    Apr 11, 2018 2:04:16 PM
    GDPR: Digital Certificates and PII
    The General Data Protection Regulation (GDPR) is here.  Enforceable effective May 25, 2018, the GDPR aims to address data protection and privacy rights for citizens of the European Union.  GDPR addresses two primary areas of conce [...]
    Apr 3, 2018 9:04:15 AM
    Crypto-Agility: Death, Taxes, and Weakening Cryptography
    Death, Taxes, and Weakening Cryptography "Nothing is certain except death and taxes." Ben Franklin is often credited with coining this phrase; however, the first known appearance of "death and taxes" in this usage came from a play [...]
    Feb 16, 2018 4:22:58 PM
    5 Guiding Tenets for IoT Security in the Future
    We Can All Move IoT Security Forward Industry groups such as the National Institute of Standards and Technology (NIST), the Industrial Internet Consortium (IIC), and the IoT Security Foundation (IoTSF), are developing security fra [...]
    Feb 8, 2018 10:47:39 PM
    PKI and HSMs: 'Kernel memory leaking' Intel processor design flaw
    At CSS we are all about helping clients manage their Public Key Infrastructure (PKI). We always recommend that customers store their important private keys using Hardware Security Modules (HSMs) because without an HSM it is hard t [...]
    Oct 2, 2017 10:59:00 PM
    Internet of Things (IoT) Security Regulation: Coming Soon?
    Last week, a bipartisan group from the US Senate Cybersecurity Caucus proposed a new piece of legislation called the “Internet of Things Cybersecurity Improvement Act of 2017.”  While the bill has yet to be ratified, it places mor [...]
    Jun 14, 2017 11:04:00 PM
    How Will Blockchain Impact PKI?
    As CTO at Certified Security Solutions, I’ve been asked the question more and more lately, “how will Blockchain impact PKI?”   There’s so much mysticism around Blockchain technology today that it can become difficult to separate t [...]
    Feb 1, 2017 10:52:00 PM
    Certificates as the Rx for Embedding Security Into Vulnerable Healthcare Systems
    The healthcare sector continues to build some of the largest, lucrative and vulnerable stores of data, making them attractive targets for cyber criminals. Further, malicious actors are more prevalent, organized and creative in the [...]
    Oct 1, 2015 6:05:00 AM
    Authentication in an Ultra-Connected World: Internet of Things
    As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates [...]
    Jun 30, 2015 2:34:48 PM
    Authentication in an Ultra-Connected World: Internet of Things
    As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates [...]
    Sep 17, 2014 11:11:00 AM
    Two-factor Authentication via SMS Messaging for FIM 2010 R2 SSPR
    Recently I worked on a customized self-service password reset (SSPR) solution leveraging FIM 2010 R2. The SSPR functionality provided out of the box by FIM 2010 R2 is quite comprehensive. In the design sessions with the customer, [...]
    All posts