Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Best Practices to Future-Proof Your PKIs and HSMs in the World of DevOps and Clouds
1. Best Practices to Future-ProofYour PKIs and HSMs
in theWorld of DevOps and Clouds
• Known as “The PKI Guy” since early days at Microsoft
• Leading PKI subject matter expert
• At PKI Solutions, we implement PKI solutions at enterprises
• Creators of PKI Spotlight
• In-person and online trainings available
• My focus is security, PKI design and implementation, identity management
Mark B Cooper
President & Founder
RSA – San Francisco 2022
Futurex Booth 1355
2. W H A T D O E S P K I S O L U T I O N S D O ?
We are the world’s foremost specialists
providing Public Key Infrastructure (PKI)
products, services, and training to give
organizations confidence in their identity and
encryption systems
70+
Years of
experience
250+
Projects
316
Clients
3. What IS the
future of PKI
and HSMs?
Cloud hybrid environments with greater
certificate integration & authentication
Integrated authentication and password-
less authentication
Enterprise Multi-PKI world
• Use of best of breed solutions
Workload portability will require greater
HSM accessibility
• Manufacturer provided vs cloud
specific
Separate PKI ecosystems will require
greater visibility and management
6. Choose your HSM ecosystem
wisely – especially long-lived keys
PKI, Signing, IoT, etc.
8 B E S T P R A C T I C E S
7. Implement a cybersecurity mesh
architecture to monitor and govern
your various PKIs and HSMs
On-premises, cloud native, publicly trusted, etc.
8 B E S T P R A C T I C E S
8. Staffing and expertise will continue
to be a challenge even with cloud
forward – invest in tooling and
automation to augment teams
8 B E S T P R A C T I C E S
9. Avoid the monolithic approach to
trying to own a single PKI or single
HSM across all environments
8 B E S T P R A C T I C E S
10. Resilience is critical to meeting
DevOps, cloud micro services and
ephemeral workspaces
Define HA, Implement SLA, and ensure visibility and alerting
8 B E S T P R A C T I C E S
11. Rogue CAs (Hashicorp, cloud, etc.)
– Devise policies or incentives for
organizational compliance
Trust but verify
8 B E S T P R A C T I C E S
12. Don’t assume the cloud is always
available, accessible and infallible
Define resilient measures
8 B E S T P R A C T I C E S
13. Questions?
Email: info@pkisolutions.com
Phone: +1 (971) 231-5523
Web: https://pkisolutions.com
PKI Spotlight is a revolutionary new
cybersecurity monitoring software that
gives organizations confidence in
their identity and encryption systems.
Overcoming the major challenges of
maintaining a Public Key
Infrastructure (PKI) with real-time
monitoring and alerting of the
availability, configuration, and
security of all your PKI and HSM
environments - consolidated, and at
Editor's Notes
Our experience with our enterprise, government, manufacturing,
MSP, SIs, ISV’s, Social Media and many diverse clients
globally enables us to see the same business
problems and create solutions.