Managed PKI


Through SAGECERT our customers enjoy issuing electronic certificates (PKI) required for operation and destined for SSL, VPD, Logical Access, ATM, software company, Secure Mail, among others, which ensures the inner perimeter of the company, guaranteeing highest levels of security and confidence. Access is through a delegated through Internet console.

 

One of the risks of using self-signed certificates for internal sites, is that employees end up ignoring safety warnings browser (when they are not trusted ) and begin to add certificates to the list of certified reliable when in fact they aren't. This not only endangers networks and internal systems, but also leads to a dangerous attitude of permissiveness regarding the safety of the company and goes against the most basic safety standards of any internal system.

 

Self-signed certificates also are more at risk to advanced persistent threats (APT) attacks or several vectors, because internal CA often lack the processes and security measures that do adopt external CA. For example, it may be the case that the server where you store and manage CA is connected to the same network that is also used for other systems, without setting limits additional physical security. Normally, the internal CA lack biometric access control to use the root key that generates certificates. This negatively affects the level of security and the rigor with which the certificates are issued. There is also the possibility of doubling the self signed CA and generate false certificates, which would further facilitate the commission of fraud or internal security events. In fact, this situation increases up to 80 % the risks of internal security events.

 

SAGECERT has the following characteristics :