Exclusively Online

Rise of the Digital Certificates

Accelerating access to critical information securely

  • By Steve Laubenstein
  • May 05, 2008

Securely exchanging and storing documents and emails has become a necessity across multiple industries.  An increasing number of businesses need to exchange data internally as well as with business partners and customers.  The question is: How do you do exchange information easily, efficiently, and securely?  How do you deploy a security solution that won’t inhibit your business growth by keeping information from the people who need it? 

Security is a requirement for sensitive information.  Everyone, from CEOs of the largest companies to home users saving tax returns on their home computer, needs to protect sensitive information.  Almost everyone has information, on occasion, that they email or store that needs to be protected.  Sensitive information needs security that travels with it, wherever it goes.

One solution for protecting sensitive information is digital certificates with data-centric security.  Put simply, data-centric security is security that always stays with your data, in transit and at rest.  Unlike other security solutions that are focused on stopping attackers and protecting individual assets, data-centric security is about protecting the data itself.

Often when people hear the words “digital certificate” or “public and private key,” they have come to expect yet another technical article on PKI (public key infrastructure). Digital certificates, in their simplest form, make authenticating and securing documents and emails extremely simple.  Like many forms of technology, digital certificates were once expensive and reserved for large companies with multiple resources, but are now easy to use and available to the masses without requiring infrastructure.  This makes implementing digital certificates practical for a variety of purposes -- you no longer need to be a big company with extensive IT resources to take advantage of digital certificates.   Small businesses, and even consumers, can benefit greatly from digital certificates combined with data-centric security software.  As stated earlier, almost everyone has the need to send or store something securely on occasion.  The issue is making sure the software solution you choose is simple to use and works more like a utility than technical security software.

First, let’s take a look at how a digital certificate works.  A digital certificate is a general term for public and private keys that are digitally signed.   When someone gets a key pair, it consists of a public and a private key.  The public key is provided to anyone who wants to encrypt something for you.  The private key, which only you have, is used to decrypt.  A digital signature attaches an identity to the public key so you know who it belongs to and is usually performed by a trusted party, such as your company or a certificate authority like Comodo® or Verisign®.  This is done so if you receive a public key from a directory or another indirect source, you are assured it belongs to a particular person.

How do you get a public key so you can encrypt documents and emails for someone else?  The two most common ways are for a person to email their public key to you, or for you or your security software to retrieve the public key from a directory.  If you send an email out of Microsoft Outlook®, Outlook Express®, Vista Mail®, or others, there is an icon labeled, “digitally sign.”  If you click on the icon, it attaches your public key to the email.  When the email is received, just add the person to your contacts where both their email address and public key will be saved.  Using a person’s public key, you can then encrypt emails and files for them.  Public keys can also be found in a directory.  Some security software packages can check directories for a public key for the intended recipient(s).

As one might suspect, it is very important to protect your private key.  An important step in protecting your private key is to create a backup and store it in a safe place.  This is very easy to do, but often overlooked.  If you don’t backup your private key and have your computer stolen or lost, or your private key becomes corrupt, you will not be able to open any of your encrypted files.  (Some security software, like the Enterprise Edition of SecureZIP® from PKWARE®, offers a contingency key that allows companies to retrieve any files encrypted, regardless of what key or passphrase was used, for recovery and audit purposes.)  Another important step is to lock your computer when you are not present so someone cannot export a copy of your private key.  If they do export a copy, they then can open documents that were encrypted for you. 

Why use digital certificates and data-centric security?   Many users resist security products because they're often time consuming and difficult to use.  Unfortunately, with data security becoming a necessity in today’s technology-driven environment, being without it can leave you vulnerable.  Digital certificates and data-centric security, together, create an easy, efficient, and secure way of protecting sensitive documents and emails in transit or at rest.  If the document is encrypted with a digital certificate, it can only be opened by your intended recipient, the one with the private key. 

The Anachronism of Passwords
So why not just use a password instead of a digital certificate?  The problem with passwords is they don’t scale, are difficult to share with recipients, and are easy to forget.  It is extremely difficult to use passwords when you are sending secure documents to multiple individuals.  For example, how do you communicate the password to multiple recipients?  Calling or emailing them with the password isn’t very secure.  In addition, passwords are easy to forget, requiring many people to write them down in locations where they might be discovered, ultimately resulting in sensitive data being compromised.  Digital certificates eliminate the need to have to communicate or remember a password.

Digital certificates, used with data-centric security, are a good solution for ensuring your sensitive files and emails are protected.  In today’s technology-driven environment, data needs to be protected -- without it, the risks are just too high.  It is important to secure sensitive emails and documents so they are not compromised if they fall into the wrong hands.  It is also important to make sure your security isn’t getting in the way of your business growth by stopping information from going where it should.  With data-centric security, you can free your data to go wherever it needs to -- securely.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Surveillance Cameras Provide Peace of Mind for New Florida Homeowners

    Managing a large estate is never easy. Tack on 2 acres of property and keeping track of the comings and goings of family and visitors becomes nearly impossible. Needless to say, the new owner of a $10 million spec home in Florida was eager for a simple way to monitor and manage his 15,000-square-foot residence, 2,800-square-foot clubhouse and expansive outdoor areas. Read Now

  • Survey: 72% of CISOs Are Concerned Generative AI Solutions Could Result In Security Breach

    Metomic recently released its “2024 CISO Survey: Insights from the Security Leaders Keeping Critical Business Data Safe.” Metomic surveyed more than 400 Chief Information Security Officers (CISOs) from the U.S. and UK to gain deeper insights on the state of data security. The report includes survey findings on various cybersecurity issues, including security leaders’ top priorities and challenges, SaaS app usage across their organization, and biggest concerns with implementing generative AI solutions. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3