Jellyfish

Your PKI can often be a severely underutilised capability within your IT landscape

Public Key Enabling (PKE) is a term used to describe the process of changing systems to utilise Public Key Infrastructure (PKI). It is the incorporation of the use of certificates for security services such as authentication, confidentiality, data integrity, and non-repudiation.

Organisations taking steps to add PKI often do so to meet a point need such as adding HTTPS security to internal websites. PKI, however, can provide much higher value to the business than most organisations realise. Where the investment in PKI has already been made, additional major capability and security benefits can be realised for almost no capital or ongoing costs.

How can I use my PKI?

Authentication

To ensure the authenticity of an individual, application or device

Confidentiality

Ensuring that information can be kept private

Integrity

That information cannot be manipulated without this being obvious to the recipient

Non-Repudiation

The creator or sender cannot disown the information or claim they did not create or send the information

Authentication Enabling

Physical

People

PKI ensures greater authentication of people with soft or physical to logical & physical systems.

Personnel

Devices

PKI ensures greater authentication of devices – esp. when connecting to networks, zero-trust model.

Websites

Websites

PKI ensures greater authentication of web sites, applications, services & APIs.

Cloud

Cloud

PKI enables stronger authentication needed for cloud environments.

Confidentiality Enabling

Compliance

Compliance

PKI ensures greater level of auditing for compliance standards

Encryption

Encryption

Database encryption – e.g. Transparent Data Encryption

Secure

Secure

Secure communication channels – TLS in websites, apps, VPNs, etc

Email

Email

Confidentiality enables secure email

Integrity and Non-Repudiation

Web

Web

PKI protects web and other services and avoids being able to spoof a website

Devicetrust

Device Trust

PKI enables device trust – Trusting Laptops, Mobiles, industrial equipment, etc

Digitalsigning

Digital Signing

PKI enables digital Document Signing and thereby ensuring document source and integrity

Codesigning

Code Signing

PKI enables code signing. It is verifying the source and integrity of software