Public Key Enabling (PKE)
Your PKI can often be a severely underutilised capability within your IT landscape
Public Key Enabling (PKE) is a term used to describe the process of changing systems to utilise Public Key Infrastructure (PKI). It is the incorporation of the use of certificates for security services such as authentication, confidentiality, data integrity, and non-repudiation.
Organisations taking steps to add PKI often do so to meet a point need such as adding HTTPS security to internal websites. PKI, however, can provide much higher value to the business than most organisations realise. Where the investment in PKI has already been made, additional major capability and security benefits can be realised for almost no capital or ongoing costssecurity
How can I use my PKI?
To ensure the authenticity of an individual, application or device
Ensuring that information can be kept private
That information cannot be manipulated without this being obvious to the recipient
The creator or sender cannot disown the information or claim they did not create or send the information
PKI ensures greater authentication of people with soft or physical to logical & physical systems.
PKI ensures greater authentication of devices – esp. when connecting to networks, zero-trust model.
PKI ensures greater authentication of web sites, applications, services & APIs.
PKI enables stronger authentication needed for cloud environments.
PKI ensures greater level of auditing for compliance standads
Database encryption – e.g. Transparent Data Encryption
Secure communication channels – TLS in websites, apps, VPNs, etc
Confidentiality enables secure email
Integrity and Non-Repudiation
PKI protects web and other services and avoids being able to spoof a website
PKI enables device trust – Trusting Laptops, Mobiles, industrial equipment, etc
PKI enables digital Document Signing and thereby ensuring document source and integrity
PKI enables code signing. It is verifying the source and integrity of software