Technology is advancing so rapidly that the average business owner would be hard pressed to keep up with the myriad of changes. Nearly all businesses use some type of technology or software to run their operations. And if you have employees the challenge is to keep data secure in the midst of constant change. We’ve taken the rather complex topic of PKI (Public Key Infrastructure) and broken it down into simplified terms to help you understand how this technology can benefit you and your organization.
Why should I care about PKI?
New hires, lost credentials, exiting employees, remote accessibility and supplier or vendor changes all impact the security of your network and data. The need to manage this change is more important than ever and will only increase with time. The options for using PKI (Public Key Infrastructure) encryption are expanding to make this more accessible to mid-sized companies.
What is PKI?
PKI (Public Key Infrastructure) is a tool for encrypting or signing data. Encrypting data is a means of scrambling it in a way that makes it unreadable. Signing data refers to authenticating it with a digital signature that verifies its origin. This generates a digital certificate that functions as a virtual ID card. Think of it as the passport or driver’s licence for your data, computers, software and user credentials. PKI has the ability to then assign a private and a public key to that certificate and manage the public key distribution. The public key is used to validate the requestor’s identity and provide the proof required to trust the security services and permit access.
What are my options?
PKI encryption can be provided through a server based system for either Windows or Mac environments or cloud based service. Verizon Enterprise Solutions recently unveiled their Smart Credential solution. This article outlines their offering and provides some good information about how it works with both your physical and virtual environments. The team at SANS.org posted this white paper detailing the technical requirements of building and managing a PKI solution for a small to mid-sized business.
Data security for merchants
If your business accepts credit cards as a merchant you are already using another form of this type of encryption called SSL. This technology creates small data files that digitally bind identifiers to an organization’s details. When installed on a web server, it activates a padlock allowing secure connections from a web server to a browser. The PKI version is more complex and fits best in a mid to large company setting.
No matter how large or small your company is technology and specifically data security can be overwhelming. If you are in charge of managing this area give us a call. We understand business and we have the technical expertise to help you sort through the details and decide on the best solution for you.