Have any questions?


The Futurex Blog. News, Announcements and Much More.

Which Key Management Solution is Right for Me?

by Alex Hopkins on July 17th, 2014

Secure management of cryptographic keys has become a requirement for all organizations operating their own data security infrastructure. However, when making a critical decision based around protecting sensitive company data, knowing which key management solution to choose can be a bit confusing. It’s easier to tell the difference between the Futurex Securus and our other key management solutions due to its remote configuration and key management capabilities as well as its portability, but Futurex offers a wide variety of other key management servers with different functionalities designed for a range of needs.

In this post, I would like to break down the benefits of each Futurex FIPS 140-2 Level 3-validated key management solution so you can choose the server that would work best for your organizational desires:

Manufacturer-Class Certificate Authority Server (MCCAS) – The Manufacturer-Class Certificate Authority Server is a secure, scalable, and easy-to-use solution for creating and storing high volumes of asymmetric key pairs for the encryption, decryption, signature, and validation of arbitrary data in a public key infrastructure (PKI). Using PKI, the MCCAS combines the strong physical security of FIPS 140-2 Level 3-validated hardware with an efficient system for covering all stages of the certificate lifecycle within large-scale manufacturing environments. The MCCAS also has the ability to securely and directly inject private keys into electronic devices during the assembly process. The MCCAS is ideal for organizations needing to perform bulk signing, validating, and certificate tracking at the manufacturing level.

RKMS Series – The RKMS Series Remote Key Management Server provides remote management and distribution of cryptographic keys for ATM and Point of Sale (POS) terminals. The RKMS Series handles a broad range of encryption and key management functions including key generation, distribution, deletion, and tracking. It remotely disperses both symmetric and asymmetric encryption keys over a secured IP network, which allows management of keys from a single location and removes the costly and time-consuming process of having to manually input keys. The RKMS Series also offers Certificate Authority management as well as allows the ability to design templates and print secure key mailers. The RKMS Series is ideal for organizations needing to manage and perform remote key injections for POS terminals or ATMs.

KMES Series – The KMES Series Key Management Enterprise Server is a general purpose solution used to create and store symmetric and asymmetric key pairs for encrypting and decrypting data as well as signing and validating anything that relies on a PKI, including certificates, firmware updates, code, electronic devices and other items requiring a digital signature. Full key and certificate lifecycle management is built directly into the KMES Series, with support for all major key types, algorithms, and protocols. The KMES Series also supports key component printing and enables users to create specific templates for varying needs through a template designer system. The KMES Series is ideal for organizations across a wide range of industries needing custom solutions for general purpose key management requirements.

SKI9000 – The SKI9000 Secure Key Injector provides a cost-effective, all-in-one security solution designed for loading, managing, and storing POS encryption keys. The SKI9000 manages symmetric encryption keys and consolidate them into one centralized key injection solution, which helps to eliminate the cumbersome process of performing more key loading ceremonies than are necessary. It is also capable of injecting keys into up to sixteen POS devices at one time.The unique design and graphical user interface of the SKI9000 makes key injection as simple as point-and-click. It also includes the capability of injecting more than one type of key at a time. The SKI9000 is ideal for organizations needing to directly inject encryption keys into POS terminals.

Still unsure which key management server is right for your organization? Our Xceptional Support team is available to answer any questions you may have about these standards-compliant solutions.

Bookmark and Share

Data Security & Fraud Prevention Roundup – July 11th, 2014

by Futurex on July 11th, 2014

Our Data Security & Fraud Prevention Roundup contain links to the best data security and fraud prevention-related articles, blog posts, news releases, interviews, and anything else that we found interesting from around the web over the course of the prior week and our thoughts on them. In this special version of our roundup, we’re focusing on one topic in particular: cloud computing.

#1: 5 Ways in Which the Cloud is More Secure by Joshua Hold, eUKhost (July 7, 2014)

There’s lots of talk from security officials about the cloud right now. Many mention that the cloud is secure, but is it safer than other means of data security measures? If so, how? This article explains in great detail the benefits of using the cloud over typical data security practices for all industries across the board.

#1: 6 Key Considerations for Planning Your Move to the Cloud by Ajit Melarkode, InformationWeek (July 7, 2014)

Choosing the right cloud service for your organization can be quite daunting, especially if you aren’t aware of the different services and benefits offered by cloud providers. Though this article targets Indian enterprises, the information is both helpful and applicable to other companies around the world.

#2: A Secure Cloud: Reality, or Rainbows and Unicorns? by Esther Shein, CIO (July 9, 2014)

As often data breaches happen, you may find yourself wondering if a truly secure cloud is even possible. Esther Shein says that cloud security CAN be a reality, but it’s not a one-way street. Both cloud providers and organizations must work to maintain security by following the list of best practices Shein outlines in this article.

#3: Plenty More Cloud Innovations Are Still to Come by Michael Brown, MSPmentor (July 10, 2014)

Think that the cloud has hit the ceiling when it comes to innovation? Think again. Michael Brown discusses three ways the potential of the cloud has barely been tapped, bringing more efficiency and profitability for organizations.

#4: Cloud storage vs. external hard drives: Which really offers the best bang for your buck? by Ben Taylor, PCWorld (July 10, 2014)

When it comes to choosing whether cloud storage or external hard drives are the best option for your organization, you need to consider every factor. Fortunately, Ben Taylor has done the research for you; in this article, he breaks down pricing, service offerings, and organizational needs.

If you find something interesting that you’d like to see considered for next week’s Data Security & Fraud Prevention Roundup, don’t hesitate to let us know. We’re always on the lookout for new and interesting perspectives on data security news, issues, thoughts, and best practices. Send your best links to info@futurex.com, or share them with us on Twitter (@Futurex).

Bookmark and Share

Key Management Refresher: Network Architecture

by Futurex on July 7th, 2014

For any organization managing encryption keys, the process of creating, maintaining, and improving a key management system can seem a frustrating or even impossible task. These feelings of frustration often stem from a few prominent mistakes that frequently occur. Beyond simple annoyance with an inefficient system, key management mistakes can have a far more damaging effect: data breaches.   Fortunately, these mistakes are easily preventable with some instruction. In our whitepaper, Ten Key Management Mistakes…And How to Avoid Them, we discuss ten actions that can make or break a key management system.

Maybe you’re attempting to develop a key management network from scratch, or perhaps you’re simply looking for ways to improve your network architecture. Whatever the current status of your network, there are some questions you should ask yourself. Knowing the answers to these questions will enable you to take action to improve your organization’s network architecture, making it more efficient and resilient to threats.

1: Are you utilizing all your resources?

Key management is not a simple task. If you’re scraping by with the bare minimum of funding, employees, and technology, the odds are that your network is not as strong as it should be.

2. Are you planning for the future?

Technology is constantly evolving, and key management is no exception to that rule. If your network architecture is not scalable for growth in the future, it will end up costing your organization not just in terms of purchasing new equipment, but also in terms of time, efficiency, and even reputation.

3. Are you protected against “oops” moments?

If a tired technician spills coffee into a primary network switch, your failsafe plan should be ready to go. Your organization cannot afford to have its key management system offline for an undetermined amount of time. If your network infrastructure does not have a backup plan that kicks in automatically, consider the following:

4. Are you consulting experts?

You may be your organization’s tech guru, but no one person can ensure the success of a key management network. Reach out to experts who specialize in your industry; their entire job is to completely understand network architecture and offer guidance on how to improve it to meet compliance and enhance security.

A thorough analysis of your network architecture may lead to the discovery of some serious data security risks. Still unsure of how your key management architecture can be improved? We can help. Our Solutions Architects specialize in designing solutions that are right for your needs.

Bookmark and Share

Case Study: Securing Prepaid Cards in Latin America

by Alex Vences on July 1st, 2014

You hear a lot about the necessity of data security for credit and debit cards, but the same concerns apply to prepaid cards. A recent trend, more and more banks are incorporating prepaid cards into their services, reaching a broader customer base by appealing to those who for various reasons are unqualified for credit cards. Prepaid cards offer convenience to banks’ customers while still allowing the financial institution to gain the benefits inherent in card-based transactions.

One large bank in South America known for its innovative and convenient prepaid card options wanted to improve data security for its prepaid card issuance and validation operations. To do so, they chose Futurex’s Excrypt SSP9000, the fastest payment HSM in the world.

This bank had several functionality requirements for their cryptographic system: scalability for increased processing capacity in the future, high performance to support a large volume of requests while maintaining speed, and an easy-to-use API that required little employee training. Those requirements were easily met by the Excrypt SSP9000; the Excrypt API easily integrated with the host application, and the virtually limitless scalability of the platform ensured increasing capacity would never be an issue.

The successful implementation of the Excrypt SSP9000 into the bank’s core cryptographic infrastructure has given them the basis to grow their prepaid card production for many years to come. To learn more about this large South American bank’s selection of the Excrypt SSP9000 for prepaid card preparation and validation, download our case study.

Bookmark and Share