Wk online trust solutions overview january 2012


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Wk online trust solutions overview january 2012

  1. 1. The World Internet Security Company Confidential WISekey SA Copyright © 2011
  2. 2. Welcome to WISeKeyThe World Internet Security Company Online Trust Digital Brand Mobile Solutions Solutions Protection WISeID (Secure Data Storage) Secure Messaging (across ekey+ (Secure USB) devices & platforms) WISeAuthentic WISePhone (Secure Voice) Data Leakage Prevention Certified Branded Web WISeSMS (Secure SMS) SSL & PKI Presence WISePay (Mobile Payments) Paper Reduction Solutions (dematerialization) 2
  3. 3. Online Trust Solutions BriefThe World Internet Security Company Enterprise Data Security • CertifyID DLP: Data Leakage Prevention Solution • Secure Enterprise Identity : Secure access, confidentiality, data integrity and authenticity • Enterprise Mobile Security: Comprehensive security on the move (see below) • Paper Reduction: Go digital across your operations legally and securely Enterprise Mobile Security • WISePhone+: Encrypted Voice Calls for Enterprise Groups • WISeID Enterprise: Encrypted enterprise data and identity console on your mobile • Secure Messaging+: Encrypted messaging across devices and platforms (email, SMS, Chat, Facebook, Twitter) • Secure Mobile Identity Credentials: One Time Password (RSA Replacement) and Digital Certificates Web Site Security • Web Server Certification Services (SSL) : Secure your Web presence (Web site, Webmail, Secure Web access, sites.) • Website Access Control: Establish secure and easy access mechanisms to publicly facing web sites. Paper Reduction Solutions • e-Diploma: Enable academic diplomas to be validated in seconds • Compliant Paper-Digitalization: e-Notary, Timestamping, e-invoicing, e-contracting, etc. (ROADMAP) Enterprise Cloud Security • Cloud Secure Identity Services • Cloud Enterprise Data Security • Cloud Enterprise Mobile Security • Government Data Sovereignty Services
  4. 4. Is There an Increasing Threat?The World Internet Security Company • Activity on the Internet and in the Cloud is increasing at an accelerated pace. • New security needs become apparent and never-before-considered issues of privacy rights emerge. • More reasons to be online and more data stored & transferred means that the ramifications of a security breach are enormous and growing. • Source: Gartner
  5. 5. The Loss is Real & GrowingThe World Internet Security Company Financial Mounting Threats  Annual cost of global cybercrime:  Reports of mobile operating system $114 billion. vulnerabilities increased 42% in 2010, up 163 from 115 in 2009 – a sign cybercriminals have shifted their  Value of time lost due to cybercrime experiences: focus to the mobile space. $274 billion.  Increased use of social networks and a lack of  Cybercrime costs the world significantly more than the protection are likely to be some of the main culprits global black market in marijuana, cocaine and heroin behind the growing number of cybercrime victims. combined annually. Personal  431 million adults victims globally.  14 adults become a victim of cybercrime every second, over 1 million every day.  More than 69% of adults online have been a victim of cybercrime.  Of adults online, 10% have experienced cybercrime on their mobile phones.  Source: Symantec Internet Security Threat Report  Source: 2011 Norton study
  6. 6. Security Breaches Making HeadlinesThe World Internet Security Company “Hacking in Netherlands Points to Weak Spot in Web Security.” The New York Times. September 12, 2011. http://www.nytimes.com/2011/09/13/technology/hacking-in- netherlands-points-to-weak-spot-in-web-security.html?scp=1&sq=hacking-in-netherland&st=cse “Hackers accessed Citigroup customer data.” CNet. June 8, 2011. http://news.cnet.com/8301-1009_3-20070244-83/report-hackers-accessed-citigroup-customer-data/ “PlayStation Hack to Cost Sony $171M.” PCMag.com. May 23, 2011. http://www.pcmag.com/article2/0,2817,2385790,00.asp “RSA Blames Phishing Attack for March Security Breach.” PCMag.com. April 5, 2011. http://www.pcmag.com/article2/0,2817,2383080,00.asp “WikiLeaks supporters attack MasterCard site.” CNet. December 8, 2010. http://news.cnet.com/8301-13578_3-20024966-38.html “Gmail Also Nailed by Phishing Attacks, Google Says.” PCMag.com. Oct 6, 2009. http://www.pcmag.com/article2/0,2817,2353820,00.asp 6
  7. 7. The Information Security Landscape is Evolving Quickly: Pain / SolutionsThe World Internet Security Company
  8. 8. Key Competitive EdgeThe World Internet Security Company Unique Trust Model • The OISTE Foundation is a non-profit organization for promoting international standards to secure electronic transactions. • WISeKey is the trusted operator of the OISTE Common Root. • OISTE provides Common Root for Certification Authorities worldwide that comply with the OISTE Trust Model. • Swiss Neutrality, Security , and privacy laws allow operation without geo- political or governmental constraints, offering an alternative when U.S.-based certificate sources are under attack.
  9. 9. Enterprise Data & Mobility Security SuiteThe World Internet Security Company
  10. 10. The World Internet Security Company Infrastructure & Operations E-Security Services SECURE ELECTRONIC IDENTITY INFRASTRUCTURES
  11. 11. The World Internet Security Company Web Site In-House Security Managed Secure Identity Certificates Certification Infrastructures (Server Services Certificates)
  12. 12. CertifyID TrustCenter ArchitectureThe World Internet Security Company High Security Centers • Geneva Tier 4, biometric, 24 hour video surveillance, CertifyID Trust Offline Root CA HSM Center Root Edition Offline Policy CA HSM meets SAS, ANSI Storage Area Netowrk Channel standards Flexible Delivery Models System Center Issuing CAs Real time backup service WebService interface CertifyID Guardian DB OCSP Server Timestamping Server Operations Manager • Software & Tech LB on FE App Cluster Licenses Back-End Cluster • Consulting and Delivery HSM HSM Domain Directory Controllers with OCSP Clients NLB Administration Console Servers • Bespoke solutons NLB Protected DMZ Public DMZ NLB NLB ISA NLB NLB • Managed Services (Software as a NLB Service) Internet WS Universal CRL Management Registration Authority OCSP Front End (proxy) Multiple Accreditations • WebTrust for CA Registration Terminal Federated Users e-Services • Certified for Windows Server 2003 & 2008
  13. 13. CertifyID™ SSL Digital CertificatesThe World Internet Security Company Unified Standard SSL Wildcard SSL Communications Convenient when the customer needs to protect a Used to protect Microsoft Web server offering several Communication and Protects a server identified Exchange servers (among under a specific domain subdomains or virtual servers (i.e. serving URLs as others). These servers name (i.e. require special certificates https://www.domain.com). https://www.domain.com, https://intranet.domain.com and Standard Certificates Those are the certificates cannot be used (excepting if most frequently needed to and https://partners.domain.com, the customer needs only to protect Web Servers. protect his Exchange all from the same web server). Webmail service). From 168,- CHF From 371,- CHF From 210,- CHF One license per server and Unlimited subdomains on Includes 3 SAN. Additional DNS name one SAN can be added for Web Server 45CHF each.
  14. 14. CertifyID™ SSL Digital CertificatesThe World Internet Security Company How to purchase a CertifyID™ SSL Digital Certificates • Direct purchases. Customers can buy on-line or contacting their assigned Account Manager. Customers purchasing high volumes can use our “CertifyID™ SSL Portal”. • Indirect purchases. Resellers will place the orders for their customers using the “CertifyID™ SSL Portal”. Customers linked to Resellers can also order their certificates through the Portal. Once an order is accepted, WISeKey will process the request and issue the certificate following the successful validation procedure according to the SSL Certificate Policy. Licensing policy • Server Licenses. By purchasing one SSL Certificate the customer is entitled to protect a single physical server. To protect additional servers with the same domain name (i.e. redundant servers), customers must purchase additional “server licenses” for each physical server. This policy applies to all certificates. • Subject Alternative Names. SAN are only provided on UC SSL Certificates, which include a license for 3 SAN (additional SAN can be purchased if required).
  15. 15. CertifyID™ Personal CertificatesThe World Internet Security Company Standard Standard Advanced (Class 1) (Class 1+) (Class 2) Medium level of security. The identity of the subscriber is High level of security. The Basic level of security. The verified by checking the identity of the subscriber is subscriber’s identity is not ownership of the e-mail always verified “face-to-face” verified. Suitable for e-mail address. Valid for digital before issuing the certificate. and other non critical signatures, e-mail and other Recommended for digital usages. Not recommended usages in corporate or signatures and other usages for legally binding digital closed groups where e-mail where sensitive information signatures. accounts are given to known must be protected. persons. FREE! From 15,- CHF From 26,- CHF Users only are required to Price for first year. Price for first year. register a CertifyID Account Renewals are charged at Renewals are charged at 50% annually. 50% annually.
  16. 16. CertifyID™ Personal CertificatesThe World Internet Security Company How to purchase a CertifyID™ Personal Certificates • Direct purchases. Customers can buy on-line or contacting their assigned Account Manager. • Managed services (MPKI). Resellers or customers interested in managing the certificates for a user comunity (i.e. a corporate environment) can benefit of our MPKI offering. WISeKey’s CertifyID™ MPKI provides all the necessary tools for issuing and managing worldwide trusted digital certificates for employees or customers, for a fraction of the cost of establishing a dedicated infrastructure. Licensing policy • User Licenses. The user certificates are licensed “per user”. The user license is paid by an initial fee and an annual renewal and allows to issue an unlimited number of certificates per user. • MPKI Service. MPKI Service is offered with or without dedicated Certification Authority. A dedicated Certification authority allows the organization to issue “branded” certificates, not appearing as issued by WISeKey.
  17. 17. CertifyID Managed PKIThe World Internet Security Company • Generate certificates for your  Employees  Clients  Partners • Universally trusted digital certificates allow you to:  Sign documents electronically  Sign email  Encrypt Email  Secure access to applications and subsequent communication challenges (using strong authentication)  Protect web servers (SSL)  Managed via a secure web interface  Minimize infrastructure costs.  User friendly and easy to use  Securely managed in WISeKey secure DC  Centralized or decentralized management
  18. 18. Managed PKI BenefitsThe World Internet Security Company Quick deployment • No inhouse systems need to be setup or deployed. The service can be immediately used via the secure online web interface. Secure Service • Service is provided from WISeKey’s secure data centers, and customer data is protected by contract and Swiss law. Decentralised management • Managed PKI allows flexible groups and templates, allowing administrators from anywhere in the world to flexibly manage the system. This is ideal for organisations that are geographically dispersed, and where remote branches are not part of the internal IT network. Lower costs for smaller deployments • Managed PKI is often a more cost effective option for small groups of users in the tens or low hundreds
  19. 19. The World Internet Security Company Secure Messaging + Multi-Device & Multi-Platform Secure Messaging
  20. 20. Multi-Platform Secure MessagingThe World Internet Security Company WISeKey enables secure messaging on private and public messaging systems: • Private Messaging: Email, SMS, What’sapp, iMessage, etc.. • Public Messaging: Facebook, twitter, Google+,etc.
  21. 21. Multi-Device Secure Messaging The World Internet Security Company• With CertifyID Personal Certificats WISeKey enables secure messaging on: • Mobile: iOS, Android, RIM • Desktop/Laptop: Windows, MAC OSX • Servers: Network integrated backend Cryptographic Key- Management Solution• Users can send/receive – encrypt/decrypt messages on any device• Users can digitally sign messages and documents on any device• WISeKey completes this offer with added value products that enable security on widely used channels as SMS, Social Networks and Voice Communications
  22. 22. The World Internet Security Company Infrastructure & Operations E-Security Services DATA LEAKAGE PROTECTION
  23. 23. Data Leakage ProtectionThe World Internet Security Company
  24. 24. Typical data security risksThe World Internet Security Company Employees can send confidential data out unintentionally or maliciously.
  25. 25. WISeKey’s DLPSolution Two types of running programsThe World Internet Security Company
  26. 26. WISeKey DLP Solution Cross-program data exchangeThe World Internet Security Company
  27. 27. The World Internet Security Company Multi-Platform Secure VoIP Communications (Cloud-Based or In-House) WISEPHONE+ 27
  28. 28. WISePhone+The World Internet Security Company Available for: • iPhone • iPad • Android • PC (Windows, MacOS, Linux) • Blackberry* (modelos 8520, 8900, 9000 y 9700) * OS Versions between 4.6 and, and 7
  29. 29. ArchitectureThe World Internet Security Company
  30. 30. WISePhone+ FeaturesThe World Internet Security Company • Background Support • WISePhoneGo (The Managed WISePhone • WISePhone+ and Native Dialer Support Service) offers a series of features to the end users: • Call over Wi-Fi or 3G Data • Secure user to user calling and messaging • Automatic CODEC selection • Intergroup Calling - with the approval of the • 2 Active Calls & Transfer Call other WisePhoneGo group • Attended and Unattended • Real time Presence (iPhone, iPad, Desktop • Swap Between Calls & Conference and Android only) • Mute/Unmute • Group Messaging within own business group • Generate DTMF • MeetMe Style Conference calls • Speakerphone/Handset • Music on Hold • Contact Pane • SkypeIn Integration to a specific number, or group of numbers (optional, non secure • Call History Pane service with additional costs) • Dialed Calls, Answered Calls, Missed Calls, • PSTN Breakout - This is subject to no Favorites regulatory issues and will have additional on- • Delete Entry/Entries, Filter by Entry Type going charges • Voicemail Pane • Call Voicemail
  31. 31. The World Internet Security Company Infrastructure & Operations E-Security Services PAPER REDUCTION SERVICES
  32. 32. Paper Reduction ServicesThe World Internet Security Company Our business line of products & services related to document integrity and authenticity: • e-Compliance Services: Legally compliant paper digitalization. • WISe-Notary Services: Legally-binding Trusted 3rd party archival • e-Diploma: Certification and academic credential digitalization and online validation.
  33. 33. e-Compliance ServicesThe World Internet Security Company Timestamp Service WISeKey (TSA) Locally Accredited 3rd party (TSA) Timestamp Authority Timestamp Authority  WISeSign PDF calls on timestamp services by WISeKey or an accredited local 3rd party timestamp service, when required by regulations. Mass e-Signing Service  Based on the destination, the certificates and BATCH OF FILES BULK DELIVERY cryptographic keys are used to digitally sign OF DIGITALLY SIGNED files in multiple signature formats, and can be AND TIMESTAMPED FILES securely archived or delivered electronically. Certified Hardware Security Files are securely archived for retrieval or delivered to an Internet or email address. Module  To comply with some local regulations, digital certificates and cryptographic keys can be INTERNET issued by accredited Certification Authorities.
  34. 34. WISe-Notary ServicesThe World Internet Security Company “Trusted Third Party” • WISeKey can manage the legal aspects Archive involved in supply chain de-materialization SMTP (e.g. model interchange agreements). Encrypted Storage Database E-mail Server • WISeKey will securely record and store the POP3S timestamped files exchanged in the supply chain, including contracts and other legally- binding documents. SQL TS over HTTP  All parties are issued a secure e-ID ensuring E-mail TimeStamping Service strong authentication and access to the system, which includes queries by authorized persons as per a defined protocol. GPS NTP LW  WISeKey can report, by request, on this exchange history which holds strong TimeStamps TimeStamping Reliable Time Sources evidentiary weight, is forensically reliable and Repository Authority (TSA) can be accepted by courts in most jurisdictions.
  35. 35. e-DiplomaThe World Internet Security Company Step 1: e-Diploma Generation • Digital file version of diplomas are DIPLOMA GENERATED generated in a user-friendly format. AS DIGITAL FILE Step 2: Digital Signature & Timestamp MANAGED IN-HOUSE REPOSITORY REPOSITORY • The authenticity of the e-Diploma is guaranteed by a digital signature generated by the institution and is timestamped for validation. Delivery of digitally signed & timestamped Step 3: Repository Storage e-Diploma. • Digital diplomas are stored in a repository managed by the institution (in-house) or by WISeKey (managed), equipped with unique access codes.
  36. 36. e-Diploma Validation ServiceThe World Internet Security Company Job Candidate: William Smith DIGITALLY SIGNED & VALIDATED DIPLOMA SECURED ACCESS SYSTEM
  37. 37. e-Diploma RevenueThe World Internet Security Company e-Diploma for Students Continual revenue stream for Universities • Students can choose the e-Diploma service, valid for a pre-selected duration. e-Diploma for Alumni • Alumni can request archived diplomas to be digitized and benefit from the same advantages as the standard e- Diploma service. e-Diploma Service Renewal • Renewed or extended access to the digital file can always be granted.
  38. 38. e-Diploma for other CertificationsThe World Internet Security Company • Professional certifications (e.g. specialized accreditation for doctors, lawyers, psychologists, engineers, etc…). • Technical training certifications in the IT industry (e.g. Cisco Certified Engineer, Microsoft Certified Security Professional, etc...). • Airport fast-track “trusted traveler” programs. • Official recognition of staff achievements in large organizations. • Professional endorsements or recommendations.
  39. 39. The World Internet Security Company Enterprise Mobile Community Security WISEID ENTERPRISE
  40. 40. About WISeIDThe World Internet Security Company • WISeID is the innovative solution from WISeKey for personal data protection • Using the WISeID Application (available for most smarphones and desktop environments) the users can: • Store confidential personal information in an encrypted vault • Store access credential for their most used on- line services (webmail, on-line banking, social networks…) and use WISeID as a convenient “single sign on” solution for accessing those services • Get a trusted identity (a CertifyID™ Personal Certificates) and improve the security of their on-line interactions. This identity can be used to encrypt and sign e-mails sent from the mobile phone 40
  41. 41. WISeID EnterpriseThe World Internet Security Company Fully customized and branded, including features such as: • Profile management • Digital ID integration into the corporate system • Signed email • Encrypted items • addition/modification of base categories, • Geo-Location • Backup & restore • Wallpaper & Videos • Compilation and posting to customer App Store enterprise account • Support and maintenance
  42. 42. The World Internet Security Company Questions?