Call it cloud computing, call it pervasive outsourcing and telecommuting, the fact is that things have changed. In many ways, your network replaces your buildings. A widely dispersed collection of people with whom you never rub shoulders are in there, looking at files and installing software.
You need to know with a reliable measure of certainty just who those people are.
Identity used to be a rather simple matter. Personnel records from HR went into your LDAP or Active Directory and were managed by your identity management software. You knew who your people were because you saw them face-to-face every day.
Now, your users come from remote offices and suppliers and distributors and customers. Who checked the identities of these people? How sure are you that they are who they say they are?
Indeed, how sure are you that your competitors haven't taken advantage of the vague and variable ways that identities are claimed out there in the wild?
Where security technology fails us
Whether your organization’s network is hosted in the cloud, on your premises, or a mix of both. Authenticity™ brings pervasive accountability to your operations, letting you know with measurable certainty who did what when.
Almost all security technology is built upon the assumption that it’s possible to determine the intentions and character of the sender of a stream of bits. Isn’t that like asking the lobby receptionist in your office building to determine whether everyone entering the building is a good or bad person?
Instead, your receptionist asks for ID, establishing accountability for what happens while the visitor is in the building.
AUTHENTICITY in the Enterprise™ brings you
Digital Identity Certificates that carry a measure of their own reliability – the product of our rigorous enrollment procedures
CredentialBridge™ linking the existing identity credentials used by your organization to PKI key pair based identities
Accountable Micro-Segmentation assuring you that all network assets and workloads are properly isolated, and reachable only by users who are not only authorized but who possess the PENs (private keys) accompanying those identity certificates, each of which carries an Identity Quality score.
CertAuth™ – Implementing certificate authentication throughout your network
DSE™ – Digital Signatures Everywhere – assuring you that all events are digitally signed by the person responsible
Logchain™ – A network log that resembles a blockchain, with all network events immutably recorded and signed.
Behind the epidemic of cyberattacks, malware, online predation, data breaches, ransomware, identity theft, IoT-borne DDOS attacks, and other digital plagues is inauthenticity.
You can't fight inauthenticity by trying to determine the intentions and character of the sender of a stream of bits. Rather, you eliminate inauthenticity with Authenticity™.
Identity Processing is the term that collectively describes the systems and services that automate enrollment, verification, authentication, and signature of a digital identity credential in trust transactions.
A digital signature is a mathematical transaction that demonstrates the authenticity of a digital communication or document. Digital signatures provide authentication, legal non-repudiation, and integrous continuity of the message or document.
A digital identity is practically worthless unless it can be demonstrated with measurable certainty that the person is who they say they are. An Identity Quality Assurance (IDQA) score assigns a numeric value to a digital identity - allowing you, as the relying party, to know at a glance to what degree the identity can be trusted.
Consider that head honchos in the info sec industry have said themselves that there are two kinds of companies in the world: those that have been hacked, and those that don't KNOW they've been hacked. We don't want to burst the disillusionment bubble here, but without encryption, your password is so easily stolen it's best to think of it as a security blanky you might've had as a child. It won't do much to protect you, but it sure makes you feel better to have it.
Data encryption is the process by which data is transformed into secret cipher text via one or more hashing algorithms. Symmetric encryption uses the same key to encrypt and decrypt. Asymmetric encryption uses one key to encrypt and a different key to decrypt.
In other words, unless you've been granted permission by the author to read an encrypted document or email, all you'll see is gibberish. To outrageously oversimplify, data encryption = your control over who sees what.
DOWNLOAD OUR FREE WHITE PAPER
to learn how AUTHENTICITY in the Enterprise will bring new levels of security and manageability to your organization
HAVE Identities Before You MANAGE Them
Authenticity and Accountability in Identity-critical Environments