HID Global Announces Comprehensive Public Key Infrastructure-as-a Service

Digital security

HID Global announced its HID HydrantID Account Certificate Manager (ACM) solution. The cloud-based Public Key Infrastructure as a Service (PKIaaS) platform enables organizations to easily deploy and access private Certificate Authorities (CAs).

It also provides comprehensive management and robust automation of both privately issued certificates and trusted Secure Socket Layer/Transport Layer Security (SSL/TLS) certificates.

The HydrantID ACM solution helps organizations create, deploy, manage and control PKI-based authentication and encryption across mixed IT systems, complex enterprise networks and IoT devices.

From small and medium enterprises to large multinationals, organizations that use ACM take complete control of privately issued or publicly trusted SSL/TLS certificate tracking, installation and renewal. This significantly reduces security and operational risks associated with self-managed, costly, time-consuming and error-prone manual processes.

Managing the digital certificate lifecycle has become increasingly risky and resource-intensive for organizations. They must secure hundreds of applications and thousands or tens of thousands of workstations, mobile devices and other endpoints with PKI-based strong authentication and encryption.  

At the same time, some organizations are also tackling the complexity of managing PKI systems that secure millions of connected IoT devices and related systems.

“HydrantID ACM solves today’s difficult digital certificate lifecycle management problems by providing one secure and convenient cloud-based platform through which organizational teams can easily access private CA services managed by HydrantID on their behalf,” said Trell Rohovit, Vice President, Managed Security Services, Identity and Access Management, with HID Global.

“The platform also automates routines such as certificate installation and renewal for both private managed CAs and/or trusted SSL/TLS certificates that secure a large and diverse ecosystem of network devices and applications.”

The HydrantID ACM platform uses elastic cloud services to provide the necessary scalability for managing turnkey private CA services and issuing large and growing volumes of certificates with high availability across multiple geographic regions. HydrantID-managed Hardware Security Modules add security in separate, secure data centers.

The solution gives administrators multiple options for automating distribution and management of digital certificates including Automated Certificate Management Environment (ACME) v2, System Center Endpoint Protection (SCEP), Enrollment over Secure Transport (EST), Microsoft autoenrollment protocols, and the complete RESTFul Application Programming Interface (API).

In addition, the HydrantID ACM can interface with existing certificate management providers such as Venafi and AppViewX. Operating through a single-pane-of-glass reduces the risk of disruptive certificate-related outages. Other features include:

  • Easy to deploy: Leverages core operating system components and standards-based protocols for certificate lifecycle automation and integrates out-of-the-box with Active Directory Certificate Services (ADCS) enterprise tools.
  • Single Sign-On and Multi-factor authentication ready: Integrates with popular Security Assertion Markup Language (SAML) and OpenID Connect-enabled Identity Providers such as Duo Security, Okta, Ping Federate and Azure AD for enterprise user account management. 
  • Comprehensive reporting: Enables organizations to display critical information and request, search, report and export certificates and management data.
  • Fast and scalable: Designed to scale with demand and provide instant certificate enrollment, approval, issuance, revocation and renewal for certificates issued from privately managed CAs.
  • High availability with fully redundant and geographically dispersed operations.
  • Granular Access Control: Allows organizations to define user role for approving, auditing or managing digital certificates for a specific business unit or the entire organization
Source: hidglobal.com