Data remains only as secure as the encryption keys and certificates that safeguard it. Do you know where these critical assets are and how they’re managed? Enter Enterprise Key and Certificate Management (EKCM).

At a time when most IT organizations are looking for ways to streamline operations—in order to deliver more value to the organization for less—every configurable component of the enterprise infrastructure is a candidate for automation. Implementing and maintaining encryption has long been conducted as a number of separate, unrelated tactical initiatives. Two conditions are rapidly causing such an approach to become impractical. First, unlike just a few years ago, today nearly every IT system is capable of encrypting; and second, nearly every type of organization is being pressured by external regulatory forces and internal practices to improve the protection of their critical data; and encryption is central to those initiatives.

Some of the less visible bi-products of the trend toward broadly enabling encryption include more encryption certificates and keys, and more variations in the way applications, platforms and systems are configured to encrypt. An Enterprise Key and Certificate Management (EKCM) system allows organizations to more effectively implement and maintain encryption throughout their varied, and often disparate environments. An EKCM system can provide measurable improvements in operational efficiency, system uptime, compliance measurement, audit readiness and overall data security.

EKCM Value to Constituencies

An Enterprise Key & Certificate Management (EKCM) system provides value to several different constituencies in the enterprise:

  • CEOs and Boards of Directors are able to improve information risk management and IT governance, and demonstrate compliance.
  • IT Executives (CIOs, CSOs, CISOs) have systemic, enterprise-wide compliance and control which provides measurement and accountability previously unavailable, and a platform to facilitate future growth.
  • IT Operations is able to increase critical system uptime and operational efficiency.
  • Information Security is able to improve compliance management and increase data security.
  • Auditors are able to assess the efficacy of the controls surrounding the keys and certificates used to enable SSL and SSH encrypted communications between applications.

Components of an EKCM

The key components of an Enterprise Key & Certificate Management (EKCM) system are:

  • Discovery – Allows administrators to identify all keys and certificates automatically, so they can be brought under management.
  • Monitoring – Provides comprehensive metrics detailing the state of encryption across all environments, and delivers actionable alerts to key operators and decision makers.
  • Enrollment – Facilitates continuous and automatic maintenance of certificates and keys throughout all stages of their lifecycle—from request to renewal or revocation.
  • Provisioning – Automatically deploys keys and certificates, and configures applications to use them according to administrator-defined policies.

If you have a question or a comment, or would like more information, please let us know by completing the Contact Us box on the upper right side of this page.