• United States



Avoiding PKI Cost and Complexity

Nov 01, 20072 mins
Business ContinuityCareersData and Information Security

For years we have been struggling with the complexity, cost, long build timeframes and overall general aggravation with trying to build internal PKI infrastructure and become a certificate authority. The pain index for doing so has been very high. Issuing, managing, revoking, reissuing certificates can be a very labor intensive proposition that increases the cost of your operational environment. Special servers with high redundancy and significant security considerations are needed , policies governing how the certificate authorities (CAs) issue, manage and revoke certificates and store keys, digital certificates, root CAs, Policy, CAs, Issuing CAs, different services, policies, templates, lists and repositories as well as keys and applications that are able to use the PKI is required. Highly trained and skilled staff is needed to manage and maintain the environment.  What if I could avoid all this?

When deploying certificates to customers, say in an environment requiring two-factor authentication, users are required to go through a process that can be taxing although only every 1 to 3 years as a norm. Regardless, these certificates, for security reasons are non-exportable and therefore lock the users access to the assigned machine. Ease of use has not been synonymous with PKI rollouts even though the cost of client and server side certificates is relatively low. 

There are solutions in the marketplace. ChosenSecurity recently announced a fully managed service that reduces the cost and complexity of PKI delivering an on demand service for digital credential offerings. I am impressed with their offering, the overall ingenuity they have woven into their products and the ease of use this presents to corporations and users. No longer do you have to manage this effort. Two factor authentication as required by certain regs and standards is now at your fingertips. ChosenSecurity has taken the SaaS model to another level. Much like a Qualys and their Security as a Service model for vulnerability management, ChosenSecurity is offering on demand PKI SaaS that makes it easy!