cl-au logo
Story image

Venafi and nCipher Security partner on machine identity protection

20 Feb 2019

Machine identity protection solutions provider Venafi and nCipher Security have announced a new technology partnership and integration.

The integrated solution combines Venafi Advanced Key Protect with nCipher nShield hardware security modules (HSMs) and can be used to scale the generation and protection of machine identities – even in complex, high-security environments.

Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.

HSMs provide organisations with a trusted, proven and auditable way to secure these machine identities.

However, many organisations create custom scripts and use other manual processes to generate keys, leaving them more vulnerable to attack and introducing new risks to the global enterprise.

The integration of Venafi Advanced Key Protect and nCipher nShield HSMs aims to let organisations ensure the strongest cryptographic keys are always used across the enterprise.

“As our customers make the transition to increasingly digital environments, they need to trust the machines that are used across their networks to support critical business functions such as securing web transactions, privileged access and authenticating software code,” says nCipher Security chief strategy officer Peter Galvin.

“If the identities of these machines are not authenticated and protected, then they are open to misuse by cybercriminals.

“Through consistent use of strong cryptographic keys, Venafi and nCipher make it possible for customers to own and control the keys and certificates used to authenticate machine identities and establish trust in these digital transactions.”

Featuring the same automation available in the Venafi Platform, TLS and SSL keys are generated centrally and securely within nShield HSMs.

For even greater security, TLS keys remain on the nShield HSM throughout their entire life cycle – from key generation and certificate issuance to rekey and renewal processes.

“Our integration with nCipher nShield HSMs is easy to deploy, reduces errors and cuts the time and resources required to use SSL and TLS keys and certificates with HSMs,” says Venafi chief cybersecurity strategist Kevin Bocek.

“Through our partnership with nCipher, we are providing organisations the ability to automate machine identity life cycles with a high level of protection.

“This includes protection for popular web services in enterprises today such as Microsoft IIS, Apache and Java application servers. Our integrated solution also works immediately with all of the leading certificate authorities in the Venafi Technology Network.”

Key features of Venafi and nCipher’s integration include:

  • Improves policy and workflow controls that enable fast, automated orchestration of keys.

  • Reduces the risk of keys being stolen from file systems, software certificate stores and system memory – including the risk from side-channel attacks such as Spectre and Meltdown.

  • Manages certificates and keys in a FIPS 140-2 Level 2 and Common Criteria EAL4+ hardened, high-assurance environment.

  • Increases the number of strong keys generated from a NIST-certified random bit generator (RBG).

  • Orchestrates the use of HSMs under strict policy control across the enterprise.
Story image
Airlock Digital seeks to empower Aussie SMEs with AustCyber funding
“With more SMEs and other organisations looking to adopt application whitelisting as a primary cyber defence mechanism, we plan to significantly expand Airlock Digital's partner network."More
Story image
Rising to the contact centre security challenge in the era of COVID-19
Cloud based contact centres have enabled Australian organisations to keep on working through the coronavirus pandemic but, in a climate of heightened risk, ensuring the security of your solutions and customer data is a critical imperative.More
Story image
Lenovo launches newest ThinkCentre nano range
The range has taken the ‘nano’ approach to form factors, releasing a range of ultra-small products suited for the modern workplace.More
Story image
Phishers cash in on the COVID-19 pandemic - how to avoid being reeled in
As the crisis continues to play out, the onus is on the rest of us to remain on high alert, to ensure our systems and data aren’t infected with another kind of virus.More
Story image
Unisys recognised as powerful AWS partner thanks to digital transformation solutions
“Our team is dedicated to helping clients harness the power of hybrid cloud and achieve business outcomes by leveraging the agility, breadth of services and pace of innovation that AWS provides.”More
Link image
Five emerging cybersecurity trends MSP need to be aware of
MSPs need to be constantly updating their service portfolio and making the case to clients to up their cybersecurity budgets. Let’s examine five threats that have emerged in the first half of 2020 that MSPs should be monitoring as we enter the second half of the year.More