When it comes to security, you surly want only the best for your business and that is precisely what CROZ engineers are offering when implementing security solutions based on PKI infrastructure.
The origins of PKI infrastructure go back to the year of 1976 when the algorithms based on asymmetrical keys were published for the first time. Today, consciously or not, PKI infrastructure is being used almost everywhere: from establishing SSL or VPN channels to database and e-mail encryption.
CROZ ensures the information security of its clients by providing two groups of services:
Implementing a PKI infrastructure and smart card as a security media
Services of Implementing a PKI Infrastructure and Smart Card as a Security Media Not willing to compromise when it comes to security, CROZ has a group of experts certified to work with today’s most renowned PKI system - Entrust Authority. It made its first appearance on the market in 1994 as a first commercially available PKI system. During 13 years of development and after 7 versions, Entrust Authority has become the most widely present PKI system in the world. CROZ experts, skilled on numerous projects concerning implementation and maintenance of a PKI system, perform the services of implementing PKI infrastructure, integration with outside systems, implementing systems for issuing and managing smart cards plus proactive monitoring and maintenance of existing PKI infrastructure.
Fundamental precondition for performing cryptographic operations is to possess a digital certificate and appropriate private key. Each entity in the system that wishes to exploit the security aspects of the system must posses the certificate, regardless of it being a person, device or an application. Dealings of issuing and managing certificates, PKI infrastructure takes care of by itself. Private entity keys represent the crucial components of the system which under no condition are to leave the possession of the entity itself. Security system is as secure as the private keys owned by the entities are secure.
The system security level can be enhanced by using smart cards as media for storing private keys. Smart cards require authentication on two levels (so-called Two-factor authentication) because they concurrently use two methods of authentication: “something you own” (the card itself) and “something you know” (PIN without which the card is worthless). With that alone the access to the private key by the unauthorised persons is considerably harder. The architecture of the smart card enables creation of the private key on the card itself as well as the activation of the feature that makes it impossible to copy the key from the card. Thus the smart card, as a media for private key safekeeping, is much safer than the media like the hard disk, diskettes, USB sticks and so on.
Services of Implementing Security System’s Layered Architecture Solutions
Different organizations have different needs regarding security levels. Some are satisfied with just the encryption of their e-mails while others have the necessity of encrypting their network traffic amongst remote locations. Layered approach to the security system’s architecture implementation gives us the opportunity to set up security according to you and your system thus making a customised solution just for you.
Layers that build the entire enterprise architecture are:
WorkstationsAuthentication – by using smart cards with a digital certificate when logging into the client workstation one can control and limit the access.
Database, Directory and Disk Data Encryption – database and directory encryption can be performed for a single user or a group of users
Remote Access Authentication (establishing a VPN channel) – by remote access authentication and network traffic encryption it is possible to attain a secure data channel through an insecure media, such as the Internet.
Network Disk Encryption – by encryption of network disks the critical data is protected on the network
Secure End-to-End Messaging – by encrypting and digital signing messages one enables security and irrefutability of content
Content Control and Policy-and-Content-Based Encryption – by advanced content monitoring of the network traffic it is possible to define one’s own security policy by which certain contents on the network are automatically encrypted or even blocked.
CROZ experts certified in the field of computer security are offering the services of building a multi-layered security system. Each such layer is not dependent on the other which in turn enables the implementation of arbitrary combination of layers in order to achieve the desired security level. Layers can be implemented one by one or all at once, as a complex security solution which includes your organization, devices, applications and users of the system.
Transparent Integration with Present Infrastructure Wide spectrum of applications that support encryption operations uses digital certificates. Considering how the support of encryption operations became in fact a standard when developing an application, PKI infrastructure fits naturally into your system and is complemented by the application layer. With your requests and present infrastructure in mind, CROZ experts will find the best possible way for PKI infrastructure implementation to be transparent for end-users as well as for existing investments into your IT system to remain protected.
Upon establishing a PKI infrastructure, there is no need, in most cases, to install additional programme support in order to use the infrastructure. PKI infrastructure will distribute and manage certificates which existing applications use when performing encryption operations, and all with the aim of:
authentication (e.g. when logging in the operating system by using a smart card, establishing a SSL or VPN channel and the like)
encryption (of a database system, e-mails, network traffic)
digital signature (in order to insure document’s integrity)
Should there be need for specific functionalities, CROZ experts will recommend appropriate programme support or offer to develop an application solution, tailored according to your needs.
