Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)

As companies increasingly become dependent on information in a digital format, they are faced with legislation relating to the protection of such information.

In South Africa it is clear that a new age has dawned with the adoption of Acts such as the Electronic Communications and Transactions (ECT) Act and more recently the new Protection of Personal Information (PoPI) Act that will force companies to actively and aggressively protect Personal Identifiable Information and apply data security in all of its forms.

On the other side of the spectrum a steady increase in cyber threats have seen businesses starting to implement controls based on cryptology methods such as Public Key Infrastructures (PKI). This is done in order to protect their data, clientele and themselves, and to create a trusted environment to operate in.

PKI are essential in the identification of people, devices and services by employing cryptographic technologies such as digital signatures and certificates to create credentials that are unique and can be validated.

PKI is commonly applied in the e-commerce space through the application of SSL/TLS when transacting over the internet and the application of digital signatures on electronic documents to verify origin and integrity. Smart devices, mobile banking and smartcard solution such as ID and Passports also makes use of PKI infrastructures.

A Public Key Infrastructure provides the following assurances:

  • Integrity of information sent and received electronically.
  • Confirming authenticity of origin and destination of information.
  • Time of communication (if combined with a trusted time source).
  • Information privacy.
  • Trustworthiness of information as evidence in a court of law.

 

How can we help?

Let us help you guarantee the integrity of digital identities and operate PKIs across your enterprise confidently by;

  • Protecting signing keys in offline and online certificate authorities
  • Protecting signing keys in OCSP responders
  • Role separation between usage and administration
    • Defined processes for using and copying keys
    • Satisfy audit and compliance requirements
  • Integration with major PKI vendors
  • Assisting you to design and deploy highly effective, customized PKIs in the Microsoft AD (Microsoft Active Directory Certificate Services (AD CS)) and open source space.
  • Train the skills you need to optimize your PKI operations.
  • PKI document and service deploy by helping your business reconsider your use of digital certificates and PKIs in collaboration with our business partners.
  • Performing a PKI Healthcheck to help you understand whether your PKI is performing optimally and most securely, and make recommendations for improvements.
  • Helping you to safely and securely migrate your PKI to a newer version and take advantage of up-to-date security developments and functional enhancements.

 

Contact us today