KeyTalk increasingly from the cloud

In recent years, it was not really an option to purchase an automated PKI system, or Certificate & Key Management System (CKMS) from the cloud. This always involves encryption of vital business information or privacy-sensitive e-mail communication. Absolute secure storage of the encryption keys is essential for this, and this was only possible within the company’s own IT infrastructure, preferably on its own duplicated HSMs (digital safes). It goes without saying that this involves considerable investment.

Recently, it has become possible to purchase an HSM as a cloud service, where it is fully managed from the cloud and securely connected to your own IT infrastructure. An example of this is the Thales DPoD Service or Utimaco Cloud HSM as a Service.

KeyTalk follows this development and offers its CKMS increasingly as a ready-made PKI solution from the AWS, Azure or Google cloud. This makes it easy for us or our partners to support implementation and management, and enables significant savings in IT management and resources.

TK Elevator, one of KeyTalk’s largest customers, decided last year to purchase the duplicated KeyTalk CKMS environment from the MS Azure cloud in combination with Utimaco’s HSM Cloud solution. This environment regulates the issue of >30,000 machine certificates and just as many mobile phone certificates every three weeks via an MS Intune integration. The advantage of this set-up is that KeyTalk could easily take responsibility for the remote management of this CKMS.

For some months now, KeyTalk has been offering its CKMS in combination with S/MIME as a Secure Email Service (SES) completely ‘as a service’ from the cloud.

The Secure Email Service (SES) is the Secure Email service offered by KeyTalk together with its CA partners GlobalSign and DigiCert since 2019. All customers purchased the product during the introduction phase within their own IT infrastructure. It was therefore in fact only suitable for large organizations with the necessary IT knowledge and resources. Due to the increased focus on secure e-mail (as a result of phishing, among other things) in smaller and medium-sized organizations, we and our partners saw a need for the same SES in this group as well. But then completely unburdened.

Since April of this year, KeyTalk has therefore been successfully offering this combined service as a cloud service, linking a central redundant KeyTalk CKMS environment to a Thales DPoD cloud HSM solution. This has made the roll-out of the Secure E-Mail Service for customers between 5-250 users very easy. Customer users only need to install the KeyTalk SES agent, which takes care of the request, installation and complete configuration of a digital e-mail certificate (S/MIME) from DigiCert or GlobalSign, for Outlook, O365 or Apple mail, within 1 minute.

This means that even relatively small organizations can now use secure email (signing and/or encrypting email) without a large upfront investment or management expertise.

Would you also like a demonstration of the cloud possibilities for your KeyTalk solution? Leave your details here and we will contact you as soon as possible.

The KeyTalk Team