Digital Certificates

Time Is Running Out for 2-Year TLS/SSL Certificates

It shouldn’t come as a surprise that we are talking about TLS/SSL digital certificate lifespan again; after all, the industry has been mandating a shorter lifespan for TLS/SSL certificates for the past few years. It is good security practice to use short-lived certificates, as it reduces cyber risk for organizations by shortening the window of opportunity for hackers if the certificate keys get stolen.

How to Use PKI to Implement Zero Trust Security

The concept of Zero Trust is a security model where all users and devices are treated as untrustworthy, even if they are already inside a network. The term Zero Trust is credited to Forrester Research based on a security model they published in 2010, which challenged the norm at the time of defending only the network perimeter and questioned the assumption that anything already inside the network is not a threat.

Preparing for the Future of Digital Certificates

Digital certificates secure everything from devices to web pages, but only if they’re properly managed. Technologists who follow public key infrastructure (PKI) and IoT have identified two key trends that will have a broad impact on this market space. The first is that digital certificate lifespans continue to get shorter. The second is a massive uptick in the number of devices requiring a certificate.

How to Choose the Right TLS/SSL Certificate

Transport Layer Security (TLS), or famously known as Secure Socket Layer (SSL), are cryptographic protocols that establish an encrypted connection between a browser and a web server. This connection protects data privacy and integrity as communication between both parties remains encrypted. In short, it keeps the internet connection secure and protects sensitive data such as personally identifiable information, credit card details, and passwords from attackers.

Short-Lived Digital Certificates Are Taking Over

One reason organizations like yours have benefitted from using digital certificates is because of the longevity of the technology itself. Since certificates have been in use for decades, they’re widely supported and easy to integrate with business systems and applications—without the compatibility woes you may face with newer technologies. Even at their relatively distinguished age, certificates provide strong security thanks to PKI’s cryptographically mighty algorithms.

A Security Playbook for Working from Home

Chances are you are deep in the middle of a remote working scenario that is not of your own creation. The current infectious disease outbreak has sent workforces everywhere scrambling. Employees who have never worked remotely suddenly find themselves dispatched to home offices, IT is under incredible stress, and—as of this writing—it’s hard to predict when we will return to normal.

Hang in there, brave, kindred IT spirit! You’re not alone.

The Rise of Business Email Compromise (BEC) and How PKI Can Help

There’s a new-ish acronym in town: BEC (business email compromise). BEC is what law enforcement agencies and analysts are now calling phishing that targets corporate structures and public entities, thanks to the rise in frequency and complexity of these scams. As network security hardens, bad actors have to find another way in. Too often, users are the weakest link in secure enterprise systems.

The Role of PKI and Credential Management in Modern Authentication

While we enjoy the business opportunities, productivity gains and user conveniences of our data-driven economy, we certainly do not enjoy the cost and devastation of having accounts hacked, clients’ data stolen or employees’ identities misused.

Business Email Compromise Attack – The Art of Impersonation

Business Email Compromise (BEC) is a type of phishing attack in which an attacker impersonates a high-level executive and attempts to trick an employee or customer into transferring money or sensitive data. According to the Federal Bureau of Investigation (FBI), as of 2018 this scheme has already caused $12.5 Billion in losses to companies. The FBI warned that there was a 60% increase in 2018 in fake email schemes that aim at stealing money or tax data. These figures support the fact that BEC attacks are technically simple but extremely effective in nature.

IoT: The Ecosystem that Just Keeps Expanding

Today is Internet of Things (IoT) Day, which means it’s the perfect time to explore how this brave new world of smart devices has changed the way we do business—and how we think about security. For over a decade, the concept of IoT has been attracting buzz from tech enthusiasts, business leaders, and consumers alike.