3/21/19 We’re delighted to announce that Identify3D has added some significant security enhancements that will simplify key management for many of our customers. Last week, we announced a licensing agreement with Gemalto that allows Identify3D to use Gemalto’s SafeNet Data Protection on Demand technology, or DPOD, across the Identify3D suite of products — you can read more about this in Gemalto’s news release.
Recognized as a world leader in digital security, Gemalto’s technology enables us to implement a single key-management solution for both our cloud-based and on-premise servers, and provide the same solution to all customers — irrespective of which cloud provider they choose. This makes key management much easier for our customers, and also makes it much easier for us to evolve a customer’s data protection should they migrate from on-premise to cloud-based services.
To learn more about Gemalto’s perspective on how their solution fits within the digital manufacturing ecosystem, we spent some time with Todd Moore, SVP of data protection at Gemalto.
ID3D: What makes key management a technical challenge?
Gemalto: Good key management is critical for overall encryption strategy but is often seen as a difficult and tedious task. The more an organization uses encryption, the more keys are generated. This can also create silos of encryption, leading to a potentially cumbersome management problem. Not having a centralized management tool that affords a single pane of glass view of all environments and/or multiple cloud vendors also makes key management challenging. With a solution like SafeNet DPOD, you can easily set up a root of trust for a secure and trusted mechanism to protect cryptographic keys and secrets. You can use your key vault to generate and/or store cryptographic keys, establishing a common root of trust across all applications and services. In order for key management to be effective, you need to ensure that your key-management solution integrates with the various encryption solutions used by your organization.
ID3D: What sets your DPOD solution apart from other solutions out there?
Gemalto: SafeNet DPOD is the only platform to offer a wide range of cloud-based HSM, key-management and encryption services on demand from a single online marketplace. It has distinct advantages over competing hardware-based encryption products because:
- There is zero upfront capital investment; instead, there is pay-as-you-go pricing.
- Services can be deployed in minutes — compared with hardware-based encryption products that can take days or even weeks.
- Easily integrates with existing IT products and other cloud services that make it easy for you to integrate encryption, key-management. and HSM on-demand services to protect your applications and data.
In addition, SafeNet DPOD leverages Gemalto’s market leading on-premises HSM expertise and ecosystem of hundreds of partners and integrations. SafeNet DPOD is also crypto-agile, providing support for advanced algorithms such as elliptic curves.
ID3D: Why is DPOD a great solution for manufacturers?
Gemalto: With Gemalto’s Cloud HSM service, manufacturing organizations can realize a range of benefits from enhanced security, to protecting intellectual property, and optimizing operational performance. With Gemalto’s SafeNet DPOD, manufacturers are able to leverage the HSM On Demand services for centralized control to remote locations, as well as customize features for each manufacturing environment. In addition, SafeNet DPOD offers high availability with 99.95% SLA.
ID3D: Why is DPOD a great solution for Identify3D?
Gemalto: Identity3D can now offer an easy-to-use and cost-effective HSM solution for the following use cases:
1. Certificate authority—to hold its keys
2. A management component in the cloud to hold customers’ keys
SafeNet DPOD is a uniquely simple, cloud-based solution with high-security HSM and key-management services. This means Identify3D can ensure the security of its customers’ valuable data and IP, and verify that the quality of their manufacturing has been authorized and authenticated according to their exact standards – all with a low total cost of ownership.