Public Key Infrastructure (PKI) has become an integral component within business services and IT infrastructure. PKI provides trusted items that establish confidentiality, authentication and authorization security services, and it can significantly reduce the cost of provisioning these services across the organization. However, the technical complexity of cryptographic features and the need to integrate PKI services with enterprise technology is often challenging and sometimes fraught with administrative issues. This paper looks at PKI requirements, challenges and opportunities where an investment of some extra time and detailed planning work can harvest additional dividends when implementing PKI.
It is not just a technical IT issue to build PKI – significant input is needed from other parts of the organization, so it is best to have all the right people involved from the beginning (including Security, Legal, Audit, Risk, Compliance, HR, etc.). There are also significant benefits to properly implementing Public Key Infrastructure best practices: tangible cost savings, less administrative overhead, centralized management of multiple disparate security functions, automation of critical security processes, and a much higher level of trust in your overall security posture.
Let’s review some key considerations and success factors that we believe are an essential part of the foundation needed to help PKI flourish in your organization. These include:
1) Enterprise Use Cases
2) Documenting PKI Requirements
3) Traceability Matrix
4) Establishing Trust in the PKI Solution
5) A Formal Certificate Authority Build Process
6) A Certificate Authority Key Signing Ceremony
7) Certificate Policy (CP) and Certificate Practice Statement (CPS) Documents
8) Key and Certificate Life Cycle Management
9) Use of a Hardware Security Module (HSM)
Below, you can get your copy of the whitepaper “Public Key Infrastructure: Best Practices and Why It’s Important to ‘Get It Right’” by Walter Cooke, senior manager of cyber advisory at Difenda, to learn more.