The Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone calls placed in the U.S. this year. In an effort to end to this, the FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile have lined up behind a new standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using…Read More
Q&A with Ivan Ristic, author of Bulletproof SSL and TLS and founder of Hardenize TPG: Tell us about your book, Bulletproof SSL and TLS. What are the biggest takeaways for IT security professionals? IR: Bulletproof SSL and TLS came out of my frustrations with the complexities of the TLS and PKI ecosystem and especially the…Read More
Why Public Key Infrastructure (PKI)? A PKI is the core of IT for enterprises, supporting network authentication, data encryption, code signing and secure email. In addition, in the next two years, 42 percent of Internet of Things (IoT) devices such as temperature sensors, televisions, and smart vehicles will rely primarily on digital certificates for identification…Read More
Q&A with Ryan Smith, vice president, global business development, Futurex TPG: Tell us about your cryptographic solutions. RS: Futurex is a global manufacturer of FIPS 140-2 Level 3 and PCI HSM validated hardware security modules and enterprise security applications. At a high level, our focus is on three areas: cryptographic processing, key and certificate management,…Read More
Q&A with J.J. Stapleton, co-author of Security without Obscurity: A Guide to PKI Operations
TPG: What practical advice do you have for an organization considering deploying a PKI solution?
JS: There are various PKI architectures to consider. An internal private PKI deployed wholly within the organization, a hosted private PKI deployed at a third-party service provider, or an external public PKI operated by a commercial third party. Each has pros and cons…Read More