This blog was originally posted on PKI Solutions.
Q&A with Cindy Provin, CEO, Entrust
TPG: There has been lots of news lately about your company being acquired by Entrust Datacard. What’s the latest with Entrust Security?
CP: Entrust is a separate company within Thales. Entrust has been operating as a separate stand-alone business within Thales since January 2019. We continue to provide the best Hardware Security Modules (HSM) — nShield — in the market with the highest levels of service. Entrust Datacard signed an agreement to acquire Entrust Security and we expect the acquisition to close in the second quarter 2019. Entrust Datacard offers the trusted identity and secure transaction technologies that make anytime, anywhere experiences for consumers, citizens, and employees both reliable and secure. Its solutions range from the physical world of financial cards, passports, and ID cards to the digital realm of authentication, certificates, and secure communications. By combining with Entrust Datacard, Entrust will be better able to accelerate innovation for customers — customers embarking on initiatives related to mobility, cloud, and the Internet of Things (IoT) who need to grow their business while simultaneously protecting their data and managing ever-growing cyber risks. The combination of Entrust with Entrust Datacard brings powerful synergy between our solutions with many joint customers relying on Entrust nShield HSMs to provide a root of trust for their critical business applications. Jointly we are in a unique position to provide trusted security and identity solutions and services in digital payments, card issuance, public key infrastructure (PKI), and the IoT.
TPG: Where is cryptography headed over the next five years, 10 years?
CP: Cryptography will continue to be part of our everyday lives and even more so in the coming years. Encryption is at the heart of digital transformation and that digital transformation is changing the way we live. Think about connectivity — or IoT, electronic transactions, and online payments — they all rely on a root of trust that enables trust, integrity, and control.
TPG: What security vulnerabilities are enterprises most concerned about and how are you addressing them?
CP: Today’s information systems are highly integrated and automated, and threats are growing, driving a need for enhanced protection for data at rest, in motion, or in use. New demands created by shifting regulations and industry mandates, distributed organizations, outsourcing, joint ventures, and e-commerce are driving enhanced security requirements. Entrust provides a comprehensive range of proven credentialing and key management solutions to address these challenges. Entrust secures a wide range of diverse use cases from device credentialing to digital payments and data security, all of which are enabled and secured with Entrust solutions and services. Entrust HSMs secure today’s business critical applications by providing a root of trust for tomorrow’s technologies.
TPG: Tell us what makes your Hardware Security Modules unique.
CP: nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption, and more. Available in three FIPS 140-2 certified form factors, nShield HSMs support a variety of deployment scenarios. The nShield differentiates itself through its tight integration with Entrust Security World architecture to build a unified ecosystem that delivers scale, seamless failover, and load balancing while maintaining high performance and versatility. nShield also uniquely offers the ability to protect proprietary applications and data in a secure environment for enhanced security of sensitive application through the nShield CodeSafe option. This option provides the execution of code within the secure boundary of the nShield protecting the application and the data.
TPG: The latest research indicates that the Internet of Things is driving the adoption of Public Key Infrastructure. What’s your take?
CP: In a recent study that Entrust Security just completed with the Ponemon Institute, our findings clearly state that the Internet of Things is the fastest growing force affecting PKI planning. It is clear that IoT is driving the deployment of applications that use PKI. Most IoT devices are using or will use digital certificates for the identification and authentication of that device into the applications. The most important PKI capabilities for IoT are scale of managed certifications, online revocation, strong FIPS certified roots and issuing CAs, the ability to sign firmware, cloud security, and support for ECC (Elliptic-Curve Cryptography). All of these capabilities to provide trust, integrity and control to the overall environment. We will continue to see cloud applications and IoT as key to PKI. Organizations must not only address the digital certificate needs of today but also the diversity and scale to support IoT.
TPG: How are you addressing IoT security? Cloud security?
CP: At Entrust Security, we are working with a number of partner to provide the ability to capture and analyze data from distributed connected devices to optimize processes, create new revenue streams, and improve customer service. However, the IoT also exposes organizations to new security vulnerabilities introduced by increased network connectivity and devices that are not secured by design. And advanced attackers have demonstrated the ability to pivot to other systems by leveraging vulnerabilities in IoT devices. Entrust’s nShield HSMs bring trust to the IoT with solutions for device credentialing and authentication, firmware signing, and data confidentiality and privacy.
For cloud security, Entrust enable organizations to utilize nShield BYOK (Bring Your Own Key) to strengthen the security of their sensitive data in the cloud and maintain control of the key generation, storage, and export. With nShield BYOK, organization bring their own keys to public cloud applications, such as Amazon Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure. nShield high-assurance HSMs let organizations continue to benefit from the flexibility and economy of cloud services while strengthening the security of their key management practices and allowing them to maintain greater control over their keys.
TPG: What are you doing to help companies stay compliant with data laws, such as GDPR?
CP: Entrust helps organizations meet industry and government compliance requirements around the world. Perhaps the most comprehensive data privacy standard to date is GDPR. GDPR affects any organization that processes the personal data of EU citizens — regardless of where the organization is headquartered. Entrust assists organization in complying with the critical Article 5, 32 and 34 rules related to the pseudonymisation and encryption of personal data and the unauthorized access to personal data. Entrust helps to meet these requirements by providing:
- Strong data encryption and key protection
- Database encryption key protection
- Authorized user controls