The Importance of Key Backup!

August 16, 2010 by Scott Shetler     No Comments

On Tuesday, Aug 17th, Entrust is releasing a new version of it’s certificate management service, and included in that version among other things are new secure email certificates! We have 2 flavors launching: one for individuals that offers a low assurance ID with limited bells and whistles, and one for enterprises that offers a medium assurance ID, with more advanced capabilities, like a web certificate request form for end-users to request their certs, admin approvals of requests, and unlimited certificate re-issues.

In particular, a feature we are quite proud of is our new automated full key backup. This enables customers to rest easy, because anything they encrypt with these certificates, regardless of how often they rollover their certificates, will always be accessible. If a user should lose their password, the administrator can simply re-issue the certificate. If a user should suspect their private key has become compromised, the administrator can simply revoke and then re-issue the certificate free of charge, and the user will receive a certificate package containing a new certificate and all the keys required to decrypt their historical data. Same thing when it comes time to renew the certificate…the new certificate will contain all the keys required to decrypt their historical data. The user is always able to maintain their ID, with a single password,  throughout the various normal but numerous events that typically occur.

From what we can tell, in the under-250 user range, our competitors don’t have any form of automated key backup, and recommend to their customers to backup their keys manually to a P12 certificate container, and place it in a secure location. While this does work, it is really not manageable for any reasonable number of users. Some users just won’t go through the process, and because it would require some coordination and backup of the P12’s, it can be costly and inefficient. Also, as time passes and more certificates rollover to new certificates, it becomes even worse to manage. Users end up having to remember passwords from multiple key pairs, or worse still, they don’t protect them with passwords at all, putting security at risk.

Like our other certificate services offerings, our Secure Email certificates are competitively priced, so please do check us out on our website come Tuesday or speak to one of our representatives!

About

Entrust senior product manager Scott Shetler has worked in various areas of software management for 16 years. He leverages his background in product and service management at Entrust to manage the Certificate Services family of products, which have grown more than 30 percent under his tenure. He gained vast experience in software as a service (Saas) and product management while at solution providers Necho Systems in Toronto and Workstream Inc in Ottawa.

Add to the Conversation