White Paper: Crypto-Agility for IoT. Download.
Organizations require enhanced security for data, and strong credentials for authentication. These requirements include properly identifying data communication participants, encrypting data for controlled access, and digitally signing code to ensure process authenticity. Establishing a foundation of trust and unique identity is the first step in these functions. The need for identity and trust applies equally to internal data and communication, as it does to external, cloud, and IoT infrastructures.
Digital certificates secure data and facilitate the authentication of users, mobile devices, computers, servers, networking devices, and now IoT devices. Explosive growth in the deployment and adoption of new business applications, and the introduction of both personal and IoT devices to corporate networks, has brought additional focus on the need for identity and security. They have also introduced new challenges of scale and complexity. Next generation solutions are required in order to meet these modern business needs, and to ensure future challenges and threats are effectively addressed.
Addressing original PKI objectives, current requirements, and planned needs, the CMS platform provides an effective PKI operations and digital certificate management that facilitates business growth, drives security and compliance, and delivers ongoing ROI to business and technology owners.
The CMS Platform is purpose built to:
Manual management of digital certificates consumes time and resources, and easily results in costly events caused by certificate expiration, misconfiguration, and uncontrolled deployment. System outages are a common occurrence, and often due to the mismanagement of digital certificates - which can be avoided with proper PKI automation and certificate lifecycle management from the CMS Platform.
The power of digital certificates provides a mechanism for encryption, authentication, authorization, and secure code signing. These same certificates, in the wrong places or misconfigured, can also lead to undesired results in the form of malicious intrusions and data breaches. In order to avoid these costly outcomes, the CMS Platform tells you where EVERY SINGLE CERTIFICATE is, and ensures its correct configuration and usage.
What began as a project to secure wireless access or encrypt website traffic using SSL, progressed into an enterprise-wide initiative to secure wireless network access and encrypt sensitive documents and emails, and was then extended out to all mobile devices that touch the corporate network. Efforts are now being made to ensure every device and sensor in the company's IoT project has a unique identity. The scale and diverse usage of certificates is growing exponentially, and the CMS Platform was built for exactly that scalability.
As IoT products and projects gain momentum, security is top of mind for manufacturers, vendors, operators, and consumers. Critical to IoT security is the establishment of a device identity foundation, with Root of Trust and unique certificates on each device. The CMS Platform architecture supports comprehensive lifecycle management for millions of devices, together with tools for integration with the devices, IoT platforms, analytics systems, and additional IoT ecosystem components.
Multiple systems can be used in order to manage certificates residing across different systems, or originating from different issuing sources. Certificates can be discovered through discovery mechanisms, and imported into management systems manually as well. To achieve optimal efficiency and reduce the time and resources needed for comprehensive certificate management, the CMS Platform synchronizes directly with internal and external Certificate Authorities (CAs), and provides a single console for management of EVERY SINGLE CERTIFICATE.
Yesterday's PKI that resides on-premise, may move to the Cloud tomorrow. New PKI instances for specific projects and requirements may be deployed directly to the Cloud from their onset. Your PKI operations and certificate lifecycle management platform should have the flexibility to work with your PKI, or multiple PKIs, regardless of where they reside and how they bridge the datacenter-cloud architecture. The CMS Platform can run both on-premise or in the cloud, and can also run in a hybrid mode when both hosting methods are in play.