Information Security News mailing list archives
E-business Embraces PKI
From: InfoSec News <isn () C4I ORG>
Date: Sat, 27 May 2000 15:54:47 -0500
http://www.techweb.com/wire/story/TWB20000526S0006 By Diane E. Levine, InformationWeek May 26, 2000 (9:13 AM) Conventional security systems are built with the idea of keeping people out. But in e-business, it's vital to let people in -- to give authorized outsiders access to the crucial resources and applications that would allow them to complete transactions online. That has many companies looking at public key infrastructure (PKI) technology. PKI allows use of digital certificates to ensure the confidentiality and integrity of data through encryption, control access through private keys, authenticate documents via digital signatures, and ease completion of business transactions. More companies are learning the benefits of PKI firsthand. A security survey of 2,700 executives, security professionals, and technology managers in 49 countries conducted last year by InformationWeek Research and PricewaterhouseCoopers showed that PKI use had more than doubled from 6 percent to 13 percent in a year. New York Life Insurance, for instance, implemented a PKI system from Entrust Technologies (stock: ENTU) to automate internal processes and procedures. The insurance company has issued 12,000 digital certificates that are used daily to verify identities and to ensure security. "We selected Entrust because it could provide us with a shrink-wrapped solution," says David Klinkman, assistant vice president of Internet/security infrastructure development at New York Life. "Out of the box, the software worked perfectly." One warning: Implementing PKI can be a challenge. "A central services approach where the PKI provides keys and key management for multiple applications is expensive, complicated, and if not done well, career-limiting," says Victor Wheatman, a vice president and research director at GartnerGroup, Stamford, Conn. "That's scary for managers who need to sign off on these projects." But that's not likely to slow the deployment of PKI. Windows 2000 has PKI built in. PKI prices are falling: Meta Group, Stamford, Conn., predicts costs will drop 30 percent to 40 percent in the next few years. "There's nothing else available that does what PKI does," says Bill McQuaide, vice president of product management at security systems vendor RSA Security (stock: RSAS). "Any company that's going to do business over the Internet has increased risk, and security becomes paramount. PKI is the most promising solution because you can control who does what by issuing digital certificates." ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- E-business Embraces PKI InfoSec News (May 27)