SHAKEN/STIR is Getting Real

The Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone calls placed in the U.S. this year. In an effort to end to this, the FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile have lined up behind a new standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using […]
PKI Insights Recap – PKI Posture Management for Digital Certificates

Elevating Your Security with PKI Posture Management In our April’s PKI Insights webinar, my colleague Nick Sirikulbut and I took a deep dive into the essential and relatively new field of PKI Posture Management. I’m here to share the intrinsic value and risk mitigation from adopting this approach to secure the very foundation of your […]
Certificate Requirements for Apple iOS 13 & macOS 10.15

When the next iOS and macOS major update arrives this fall to iPhones, iPads and Macs there will be changes that impact environments with TLS certificates not current with standards. Certificates with key lengths shorter than 2048, those signed with a SHA1 algorithm, and certificates without the DNS name in the subject alternative name (SAN) […]
Putting an End to Robocalls: FCC’s Robocall Summit Discusses Next Steps

Today, the Federal Communications Commission (FCC) held the SHAKEN/STIR Robocall Summit, led by Chairman Ajit Pai. The focus for the summit was to discuss the current state of efforts to stop robocalls and Caller ID spoofing and discuss the U.S. implementation of a new global standard called SHAKEN/STIR. Defined by the Alliance for Telecommunications Industry Solutions […]
New Online PKI Training Courses Are a Deep Dive into Public Key Infrastructure: Critical for IT Security, IoT, 5G, and SHAKEN/STIR

Why Public Key Infrastructure (PKI)? A PKI is the core of IT for enterprises, supporting network authentication, data encryption, code signing and secure email. In addition, in the next two years, 42 percent of Internet of Things (IoT) devices such as temperature sensors, televisions, and smart vehicles will rely primarily on digital certificates for identification […]
7 Top Cybersecurity Trends in 2019

Forty-three percent of businesses were a victim of a cybersecurity breach in the past year, based on the recent Cyber Security Breaches Survey 2018. Organizations are continuing to do a less than stellar job protecting their users’ data from inadvertent exposure, such as exposed APIs, poor authentication, etc. In fact, 4.5 billion data records were compromised […]
MS Press Server 2008 PKI Book Errata launch

For many years I’ve been tracking the corrections and issues in the last Microsoft Press Windows Server 2008 PKI book. All of these items have previously been incorporated into our standard deployment and consulting engagements as well as baked into our training courses. But I’ve long wanted to post an unofficial errata list for the […]
Microsoft ADCS Certificate Transparency Support

Microsoft just released their official statement and support for Certificate Transparency. I will be writing a full article covering this update as there are several key areas that are lacking in the Microsoft documentation. So in the interest of spreading the word on the official announcement, here is the link: https://mskb.pkisolutions.com/kb/4093260 Issues that need to be […]