Switch PROSA Production
CIO Grupo Suardiaz
In our daily business processes, security is an important issue due to the high transactional value of transactions conducted from the Suardiaz Group. For us, REALSEC is one of our trusted partners in the field of security and protection of the most important assets of the company information and digital identity. REALSEC provides a strategic service Suardiaz group, both for their solutions and the level of service provided, allowing us to solve the problem of controlling and managing our digital identity.
We were pleased that carry on the qualified staff of the show, for us it is important that the person who headed understand what we mean. Another point to note is how quickly accomodated our request, say they were agile in establishing contact with us, quickly and timely. Openness in communication, let us express our concerns and needs and were willing to ask solutions.
ATEB Company (Licensed Certification Provider) – Mexico
Although, we already had two of its teams and prior to our business contact respective maintenance, I can mention that the maintenance acquired you were treated promptly and effectively, which has led us to consider the possibility to acquire more equipment maintenance.
Chief Technology Officer of GSD – Peru
This solution has opened the doors for us to reach other customers both state and private activity, as electronics transactions in Peru are becoming more frequent and require the use of digital signature, as well as knowing the exact timing of the operation. In this respect REALSEC, as a provider partner, has accompanied us in the development of solutions that benefit our customers with a view to developing electronic government in Peru. We look forward to continuing to count on the REALSEC’s products and the professionalism of the staff in charge.
Computer Security National Bank of the Army and Air Force and Navy – Mexico (Banjercito)
It is a fairly stable team for which the required corrective support is minimal, presents safety and optimum efficiency so it provides higher performance compared to similar products. The Management API is simple to use, as well as a safe and reliable system for loading and key escrow.
To protect the cryptographic key life cycle, you need a cryptographic processor which is known as Hardware Security Module (HSM).
The main aim of these security modules is to act as anchors of confidence throughout the process of protecting cryptographic infrastructure in all the field that concerns the security of companies around the world.
Handling this encrypted information is imposible because the information is processed and stored in devices meant for that, and therefore security is always in force.
On the other hand, the use of HSM is fundamental for companies and other organizations, since they protect all kinds of transactions, applications and identities.
Cryptographic protection stands out in hardware security modules because they offer all kinds of solutions such as the encryption, decryption or authentication solution as well as digital signatures solutions for a large number of applications.
HSM technology has been developed in order to absolutely protect all kinds of encryption keys as well as to maintain a correct achievement of the mathematical algorithms involved in the information that is protected.
HSM: SECURITY OBJECTIVES AND IMPLICATIONS
The security measures of an HSM device are so high that all the important information of a company will always be protected and safe from any attack to the general security.
There is a security guarantee regarding the HSM manufacturers, and that is the analysis in detail and the tests that are carried out in specialized laboratories in order to accredit the certificates of international security of the certifiers, which are NIST for the FIPS certificate, CCN for CommonCriteria, and PCI for the consortium of Methods of Payment.
The data protected with an HSM device are the functional objectives of any HSM and are the following below:
CYBERSECURITY IN THE FORM OF SOLUTIONS
A great savings today in all the organizations is the use of technology for digital transformation since they integrate security systems in cryptographic devices that give real solutions in the field of digital security or cybersecurity. We are talking about the security systems SW, HW and HSM.
All sectors are studied within the functionalities of Realsec products and solutions. For example, in the banking sector with cryptographic solutions by key remote loading, which we manage through Cryptosec RKL, and cryptography solutions via financial hardware through CryptosecBanking.
The complex superior security is carried out through the implementation of Cryptosec DEKATON, which manages and processes the hardware security modules or HSM and the network cryptographic servers via Cryptosec LAN.
Regarding the solutions we provide for digital transformation in cybersecurity, we have CryptoSign SERVER whose main function is digital signature and centralized management of digital certificates.
The authority service of time stamping is carried out from Cryptosec OPENKEY TSA, and with regard to signature and encryption of emails, it is managed with Cryptosec MAIL.
The public key infrastructure or PKI has several aspects, and the systems of certification authority or CA, are managed with Cryptosec OPENKEY CA, the systems of registration authority with Cryptosec OPENKEY RA, and the systems of validation authority or VA, with the appliance Cryptosec OPENKEY VA.
The use of devices that involve HSM technology, such as PCI cards or appliances, is always involved with security and performance.
For the security field, there are several ways to control the activity on the web servers.
One is through the SSL cryptographic protocol, which are public key certificates that contain the private key, and are stored in the file system of the server.
The way to keep security in these cases is established by giving exclusive access to the user through the server and protecting the access to the files to a máximum level.
At times, when the server has been threatened, it is possible to extract the certificates so as not to jeopardize their security, although this is not as simple as it seems and will have to use an HSM to custody the startup password of the web server.
Summing up, by using an HSM device, the password is not affected nor the place is changed, but through its API or Application Programming Interface, it goes to the certificate and returns a decrypted result which could be used by the application that is required.
In terms of performance, apart from allowing the custody of the password of the certificates and their generation, it also makes it possible to perform cryptographic operationsas well as free space server tasks.
En cuanto al rendimiento, aparte de permitir la custodia de la contraseña de los certificados, y su generación, también hacen posible que se puedan realizar operaciones criptográficas, liberando de espacio las tareas del servidor.
The effectiveness of these hardware security modules or HSM typically increases in asymmetric or public key cryptography, rather than symmetric cryptography.
One of the most interesting features of an HSM device is that when you try to force the output of the memory, the card is self-destroyed in such a way that it does not compromise the data stored in it.
The main value offered by REALSEC to its Partners to establish a win-win relationship based on transparency and clarity to foster and, finally, generate new business for both parties.
REALSEC helps its partners with forward-thinking technology which allows them to position themselves among new or prospective customers and strengthen their position among existing ones.
You can find out all the other advantages and ask for further information at:
Phone: +1 (650) 632 42 40
For the tenth year in a row, REALSEC continues to support awareness and promotion of cybersecurity in the Spanish industry. “Cybersecurity 360º, Identity and Data Control” #XVJornadasCCNCERT | #CCNCERT_Labs is the title chosen this year for the STIC workshop held annually by the CCN CERT, National.....
The arrival of Fintech in the new financial ecosystem driven by Digital Transformation is key to understanding the new economy. In this scenario, cybersecurity for the protection of both Fintech assets and customer data is an essential requirement to strengthen their presence and prospects as......
Nowadays, no one doubts that the apogee of the Digital Transformation is bringing us numerous advantages to our lives; faster management, with more security… but it is undeniable that, along with these benefits, we are also facing the not so positive scenario of cyber-attacks, which......