Standards of Due Care | Key Management and Payments Security Blog - Thales e-Security

Data Security and Key Management - Thales e-Security

  • Top tips for security-wise staff

    By | March 11, 2013

    Strong security is not just about technology. You can buy the strongest, most expensive safe in the world but if you don’t keep its combination secret, it's useless. The same is true with data protection. Your company might have bought state-of-the-art encryption technology but it's unlikely to be effective if your employees are not security-wise.

    Continue Reading
  • Data Encryption: Random or pseudorandom?

    By | March 26, 2012

    If you want to use encryption, you need to use keys. A key is (or rather should be) a random number that can encrypt or decrypt your information. A strong key is strong because the random nature of the chosen number means it could lie anywhere on a virtually endless number line. As readers of this blog will know, once you have a strong key, effective key management is essential to ensure the data it protects remains secure.

    Continue Reading
  • Top tips for security-wise staff

    By | March 11, 2013

    Strong security is not just about technology. You can buy the strongest, most expensive safe in the world but if you don’t keep its combination secret, it's useless. The same is true with data protection. Your company might have bought state-of-the-art encryption technology but it's unlikely to be effective if your employees are not security-wise.

    Continue Reading
  • Mediyes Trojan Shines Spotlight on Mismanaged Signature Keys

    By | March 21, 2012

    Just last week a new example of the consequences of inadequately protected signature keys came to light. As reported in Network World , Kaspersky Lab discovered that a recently distributed Trojan, Mediyes, was digitally signed using a stolen private signature key whose digital certificate was owned by Swiss firm Conpavi AG.

    Continue Reading
  • 10 Standards of Due Care for Using Keys in a PKI: Part 5

    By | July 25, 2013
    Cryptography is at the core of any PKI and the security that it delivers hinges on how the cryptographic keys are protected and how they are used. The following ten ‘standards of due care’ can be applied to any cryptographic system but are particularly critical practices when it comes to building a secure PKI, one that supports the trust models that depend upon it. Continue Reading