SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Entrust supports mass move to zero trust frameworks

Thu, 20th Apr 2023

Entrust is supporting organisations' zero trust journey with new foundational identity, encryption, and key management solutions.

Bhagwat Swaroop, President of Digital Security Solutions at Entrust, says, "Zero trust approaches are reshaping security in a perimeter-less world. While the conversation often starts with identity and network access, organisations are quickly finding that identity and access management is only the beginning.

"A comprehensive zero trust framework starts with enabling trusted identities across users, devices, machines, apps, and workloads, and extends to a data protection strategy to secure data in-transit, at rest, and in-use across both public and private cloud environments."

Swaroop continues, "Getting to a zero trust framework is a multi-year project, one that requires trusted partners to help you build your framework on a solid foundation.

"Entrust is uniquely positioned to help organisations establish zero trust foundations: including both high-assurance identity and access management and applied encryption to help secure data today and for the post-quantum future.

"Moreover, our capabilities extend to comprehensive security posture management governing identities, entitlements, keys, certificates and secrets across multi-cloud, hybrid, and on-premises operations."

To support this evolution, Entrust is introducing pivotal advancements in identity, encryption, and multi-cloud security for zero trust frameworks.

These include:

  • Identity: Adding new passwordless, certificate-based authentication with smart keys and FIDO2 passkeys to the full-suite Entrust Identity IAM solution; as well as cloud-based Entrust PKI as a Service (PKIaaS) turnkey integration with Microsoft Intune and other mobile device management (MDM) providers to accelerate device enrolment at scale.
  • Encryption: Launching nShield 5, a high-performance, next-generation HSM with multitenant capable architecture and support for post-quantum readiness.
  • Multi-Cloud: Releasing the new Entrust KeyControl 10 solution, using an approach that delivers consistent multi-cloud key and secrets policy compliance management, for data protection across SaaS applications, customer databases, and workloads, both cloud-based and on-premises.

Identity: Cloud-based IAM solution passwordless options

As enterprises continue to advance their Zero Trust projects, an identity-first approach to security is foundational. Entrust has been enhancing its Identity as a Service (IDaaS) solution, a full-suite IAM platform.

Enhancements include:

  • New high-assurance passwordless capabilities that include certificate-based authentication, FIDO2 keys, FIDO2 passkeys and others.
  • Elevated security with enhanced risk-based adaptive multifactor authentication that integrates additional risk factors from external providers, performs continuous validation throughout user sessions, and enforces appropriate step-up authentication.
  • Support of outbound System for Cross-domain Identity Management (SCIM) for app provisioning in third-party cloud applications (service providers).
  • Entrust also has enhanced Customer IAM (CIAM) capabilities, enabling seamless and connected experiences for customers or citizens with passwordless authentication, digital signing, ID verification & proofing for a more secure digital experience.

Recognising that secure device enrolment at scale is critical to Zero Trust frameworks, Entrust has also added zero-touch, turnkey integration between its cloud-native Entrust PKI as a Service (PKIaaS) and Microsoft Intune and other MDMs, allowing customers to leverage Entrust PKI seamlessly with their IT management platform in minutes without the need for on-premises hardware or software.

Organisations can enrol devices of any kind securely with extended key and certificate parameters to support advanced identification, authentication, and authorisation schemes that enable Zero Trust frameworks.

Encryption: Next-generation HSM performance and crypto-agility

Encryption is at the heart of zero trust frameworks, providing critical protection for sensitive data. As demands on encryption continue to expand, Entrust is launching the next generation of its Entrust nShield Hardware Security Modules.

The new nShield 5 HSMs deliver performance for the root of trust enterprises need across business-critical enterprise applications and provide a platform for the future cryptographic data protection needs of a post-quantum world. Entrust nShield 5 HSMs use an innovative multitenant capable architecture scheduled for certification to the FIPS 140-3 standard.

Multi-cloud security: Redefining key management

Protecting encryption keys is critical to the zero trust foundation, Entrust states. The newest release of the Entrust KeyControl solution enables information security teams to centrally manage encryption keys and secrets across decentralised, multi-cloud applications.

With this release, the KeyControl solution uses a decentralised vault-based architecture, combined with centralised compliance and risk management to deliver enhanced keys and secrets management. This approach lets an enterprise replace manual or ad hoc practices with consistent policy governance for data protection across customer databases, whether cloud-based, hybrid, or on-premises.
