Rise of the Digital Certificates -- Security Today

Exclusively Online

Rise of the Digital Certificates

Accelerating access to critical information securely

By Steve Laubenstein
May 05, 2008

Securely exchanging and storing documents and emails has become a necessity across multiple industries. An increasing number of businesses need to exchange data internally as well as with business partners and customers. The question is: How do you do exchange information easily, efficiently, and securely? How do you deploy a security solution that won’t inhibit your business growth by keeping information from the people who need it?

Security is a requirement for sensitive information. Everyone, from CEOs of the largest companies to home users saving tax returns on their home computer, needs to protect sensitive information. Almost everyone has information, on occasion, that they email or store that needs to be protected. Sensitive information needs security that travels with it, wherever it goes.

One solution for protecting sensitive information is digital certificates with data-centric security. Put simply, data-centric security is security that always stays with your data, in transit and at rest. Unlike other security solutions that are focused on stopping attackers and protecting individual assets, data-centric security is about protecting the data itself.

Often when people hear the words “digital certificate” or “public and private key,” they have come to expect yet another technical article on PKI (public key infrastructure). Digital certificates, in their simplest form, make authenticating and securing documents and emails extremely simple. Like many forms of technology, digital certificates were once expensive and reserved for large companies with multiple resources, but are now easy to use and available to the masses without requiring infrastructure. This makes implementing digital certificates practical for a variety of purposes -- you no longer need to be a big company with extensive IT resources to take advantage of digital certificates. Small businesses, and even consumers, can benefit greatly from digital certificates combined with data-centric security software. As stated earlier, almost everyone has the need to send or store something securely on occasion. The issue is making sure the software solution you choose is simple to use and works more like a utility than technical security software.

First, let’s take a look at how a digital certificate works. A digital certificate is a general term for public and private keys that are digitally signed. When someone gets a key pair, it consists of a public and a private key. The public key is provided to anyone who wants to encrypt something for you. The private key, which only you have, is used to decrypt. A digital signature attaches an identity to the public key so you know who it belongs to and is usually performed by a trusted party, such as your company or a certificate authority like Comodo® or Verisign®. This is done so if you receive a public key from a directory or another indirect source, you are assured it belongs to a particular person.

How do you get a public key so you can encrypt documents and emails for someone else? The two most common ways are for a person to email their public key to you, or for you or your security software to retrieve the public key from a directory. If you send an email out of Microsoft Outlook®, Outlook Express®, Vista Mail®, or others, there is an icon labeled, “digitally sign.” If you click on the icon, it attaches your public key to the email. When the email is received, just add the person to your contacts where both their email address and public key will be saved. Using a person’s public key, you can then encrypt emails and files for them. Public keys can also be found in a directory. Some security software packages can check directories for a public key for the intended recipient(s).

As one might suspect, it is very important to protect your private key. An important step in protecting your private key is to create a backup and store it in a safe place. This is very easy to do, but often overlooked. If you don’t backup your private key and have your computer stolen or lost, or your private key becomes corrupt, you will not be able to open any of your encrypted files. (Some security software, like the Enterprise Edition of SecureZIP® from PKWARE®, offers a contingency key that allows companies to retrieve any files encrypted, regardless of what key or passphrase was used, for recovery and audit purposes.) Another important step is to lock your computer when you are not present so someone cannot export a copy of your private key. If they do export a copy, they then can open documents that were encrypted for you.

Why use digital certificates and data-centric security? Many users resist security products because they're often time consuming and difficult to use. Unfortunately, with data security becoming a necessity in today’s technology-driven environment, being without it can leave you vulnerable. Digital certificates and data-centric security, together, create an easy, efficient, and secure way of protecting sensitive documents and emails in transit or at rest. If the document is encrypted with a digital certificate, it can only be opened by your intended recipient, the one with the private key.

The Anachronism of Passwords
So why not just use a password instead of a digital certificate? The problem with passwords is they don’t scale, are difficult to share with recipients, and are easy to forget. It is extremely difficult to use passwords when you are sending secure documents to multiple individuals. For example, how do you communicate the password to multiple recipients? Calling or emailing them with the password isn’t very secure. In addition, passwords are easy to forget, requiring many people to write them down in locations where they might be discovered, ultimately resulting in sensitive data being compromised. Digital certificates eliminate the need to have to communicate or remember a password.

Digital certificates, used with data-centric security, are a good solution for ensuring your sensitive files and emails are protected. In today’s technology-driven environment, data needs to be protected -- without it, the risks are just too high. It is important to secure sensitive emails and documents so they are not compromised if they fall into the wrong hands. It is also important to make sure your security isn’t getting in the way of your business growth by stopping information from going where it should. With data-centric security, you can free your data to go wherever it needs to -- securely.

Featured

7 Ways You Can Secure a High-Traffic Commercial Security Gate  

Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now
New Report Says Vulnerability Exploitation Boom Threatens Cybersecurity

Verizon Business recently released the findings of its 17th-annual Data Breach Investigations Report (DBIR), which analyzed a record-high 30,458 security incidents and 10,626 confirmed breaches in 2023—a two-fold increase over 2022. Read Now
- Cybersecurity
In The Clouds

Video data storage in the cloud was a novel concept when Dean Drako founded Eagle Eye Networks back in 2012. While cloud was being used for almost all other business systems at that time, the physical security industry took a cautious and measured approach to cloud adoption. Read Now
- Dealers and Integrators
- IP Video
Surveillance Cameras Provide Peace of Mind for New Florida Homeowners

Managing a large estate is never easy. Tack on 2 acres of property and keeping track of the comings and goings of family and visitors becomes nearly impossible. Needless to say, the new owner of a $10 million spec home in Florida was eager for a simple way to monitor and manage his 15,000-square-foot residence, 2,800-square-foot clubhouse and expansive outdoor areas. Read Now
- Residential Security

Webinars

Hanwha Vision (formerly Hanwha Techwin)

AI at the Edge: Are You Ready?
Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Eagle Eye Networks Inc, Evolv Technology, Arcules, ZeroEyes, Omnilert

Shooter Detection: The First Line of Defense
Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Arcules

Embracing AI-driven Access Control

Whitepapers

Genetec

How to Modernize Your Existing Security Systems Using Hybrid-Cloud
Eagle Eye Networks Inc

Are you ready for an on-site emergency? A practical checklist
Winsted Corporation

Top Considerations Designing an Ergonomic Control Room

New Products

FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3
HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3