The new cryptographic security offering leverages Entrust’s expertise in encryption technology, best practices and discovery tools to give enterprises visibility and control over their crypto instances and PKI systems
Entrust, a leading provider of trusted identities, payments and data protection, today announced its Cryptographic Center of Excellence (CryptoCoE) solutions, providing the tools and resources enterprises need to take command of their crypto instances and PKI systems through best practices that bring together the visibility, expertise and compliance required for a strong crypto strategy.
Digital technologies are transforming the enterprise, from new DevOps practices, cloud and multi-cloud environments to the Internet of Things (IoT). And with this transformation comes new data security challenges. While IT leaders are rapidly increasing use of cryptography-based solutions like public key infrastructure (PKI) to support identity, authentication and encryption, they are struggling to manage crypto across the enterprise. Entrust’s 2020 Global PKI and IoT Trends Study found nearly 71 percent of IT leaders struggle to understand where sensitive data resides within their organizations.
“Organizations need to look at ‘encrypt everything’ strategies to protect their enterprises in a zero trust world. Crypto is critical infrastructure that requires expertise, dedicated resources and a set of standards to keep it under control and in compliance. Entrust has led the world in cryptographic security solutions for more than 25 years, and now, we’re proud to deliver that expertise to customers with the first Cryptographic Center of Excellence building block solutions,” said Jay Schiavo, Vice President of Entrust Digital Certificate & Signing Solutions. “Weak crypto often leads to business disruption, which is why our CryptoCoE solutions help enterprises with the expertise, visibility and tools they need to bring hidden crypto and PKI to light and mitigate rising threats.”
Gartner predicts that “by 2021, organizations with crypto-agility plans in place will suffer 60 percent fewer cryptographically related security breaches and application failures than organizations without a plan1.”
The Entrust CryptoCoE solution has five building blocks that help achieve crypto and PKI excellence:
- Crypto Health Check improves overall IT security posture by providing ongoing visibility into a complete cryptographic inventory, expertise and best practices. The Crypto Health Check team scans an organization’s environment to build a cryptographic inventory and scores it against cryptography standards and policies. The data analysis is then turned into an actionable plan with measurable results – arming security, compliance and risk teams with the insights needed to mitigate crypto-related threats and bring hidden crypto into view.
- Crypto Governance Consulting places an expert-by-your-side to walk your organization through the essential steps of establishing a governance platform.
- PKI Governance Health Check reviews an organization’s PKI policy documentation and the different roles, processes and policies that they outline. Comparing those policies against best practices, compliance requirements, and business needs, Entrust will deliver actionable recommendations to ensure there are no procedural gaps and that they demonstrate compliance standards for audits.
- PKI System Health Check assesses the status of the technology and software of an organizations PKI implementation(s). From looking at the equipment and algorithms in use, to documenting architecture and providing recommendations – Entrust experts will guide and assist organizations to ensure their PKI is able to meet their current and future business requirements.
- PKI Governance Consulting assists organizations setting up a new PKI and defines and documents the policies used to govern their PKI.
“The cryptographic center of excellence does not necessarily have to own and operate all tools,” said David Mahdi and Brian Lowans, Senior Research Directors for Gartner. “Instead, it should be a central point of control that provides guidance and governance. It must establish an appropriate organizational framework for when central tools must be used and under what circumstances different business units can operate and manage their own systems.”2
Read More:GlobalFintechSeries Interview with Jorge Sun, CEO and Founder at LendingFront