The realisation, operation and maintenance of a PKI confronts many organisations with great challenges. In many cases, the in-house team has little expertise, and solutions often have to be implemented at short notice. If you do not ensure the trustworthiness of your PKI, you face enormous risks of damage.
Security@Softline PKI Health Check
During our workshop we evaluate your Public Key Infrastructure. On basis of our self-developed checking rules we uncover vulnerabilities and develop organisational and technical measures in cooperation with you. Thus, we ensure a more secure and efficient operation of your PKI – for example through (partial) automation of certificate issues and renewals, adaptation of key algorithms according to BSI specifications or modifications regarding the CA hierarchy.
We create a certificate practice statement which contains the certificate guidelines, process descriptions and information about the technical implementation of the CA infrastructure. This way we create transparency, acceptance and trust within and outside your company.
With the Softline PKI Health Check we offer you the following services:
- Current state
- CA hierarchy/ tiered model & algorithms
- Secure key generation and storage (e.g. HSM)
- CA key rollover
- Process optimisation (e.g. automation)
- Certificate validation (e.g. OCSP, efficient blacklist administration)
- key archiving
- Role concept/ role separation for security-critical operations
- Certificate templates (e.g. runtimes and data content, key algorithms according to BSI requirements)
- Security tokens (e.g. smart cards or virtual smart cards, USB tokens)
- Physical security (e.g. room access with HSM Server)
- Backup and disaster recovery plan
- HA operation
We offer our »PKI Health Check« workshops in two consecutive modules:
In the first part of our workshop we analyse your current situation, give you comprehensive advice and provide you with valuable recommendations for further action.
In the second part our Softline specialists support you in implementing the necessary measures. We offer the second part of the Health Check for the following PKI solutions:
- Microsoft CA (ADCS)
- PrimeKey EJBCA
- Nexus Certificate Manager