GlobalSign Partners with nCipher to Provide Hardware Based Trust to Enterprise CA Users

April 4, 2007; 03:59 AM

LONDON, UK – GlobalSign (www.globalsign.com), one of the longest established Certification Authorities (CA) and specialists in Digital Certificate security today announced a partnership with nCipher plc (LSE: NCH) to offer publicly trusted CA Root Certificates housed securely within nCipher Hardware Security Modules (HSMs).  This new integrated solution offers immediate benefits to enterprises using in-house Enterprise CA solutions such as the Microsoft CA software to deploy their own internal / extranet based public key infrastructure.  Enterprises using the newly combined solution can expect significant Microsoft CA implementation savings as well as greatly increased security surrounding certificate generation and protection.

In recent years many enterprises and major organisations have established their own Enterprise Certificate Authority (CA) with the primary goal of enhancing security for an ever increasing number of diverse web based business processes.  For an enterprise to establish their own Enterprise CA it must self-sign a CA Root Certificate, which is then used to issue digital certificates to employees, extranet users and even machines and services.  Such certificates can then be used to digitally sign and encrypt communications and also to control access to web resources.  However this self-signed Root CA Certificate is not automatically trusted by main-stream operating systems (such as Microsoft Windows), browsers (such as Microsoft Internet Explorer, Mozilla Firefox) or email clients (such as Microsoft Outlook).  This inability to trust causes warning messages to be displayed, resulting in a lack of confidence by staff and increased cost for support and training. 

To avoid these warnings the enterprise would be forced to either accept the increased support costs or to undertake a Root Embedding Programme to have the self-signed Root CA Certificate inserted into all operating systems, browsers and applications.  Such a program is expensive and labour intensive, taking many years before the enterprise’s Root CA Certificate is sufficiently ubiquitous to be used without support issues.  The time and cost associated with an Embedding Program massively outweigh any advantage that would be associated with implementing an Enterprise CA solution.

As a leading WebTrust accredited Certification Authority, GlobalSign has maintained its own pioneering Root Embedding Programme for over 10 years and now the GlobalSign Root CA Certificate is trusted by practically all mainstream browsers and applications.  With GlobalSign’s RootSign there is no need for individual Enterprise CAs to have their own Embedding Programme, instead GlobalSign allows use of its own ubiquitous Root CA certificate to give the customer its own set of new, but highly trusted, Root CA certificates.  The customer then immediately inherits the trust associated with the GlobalSign Root CA which provides an easy way for certificates issued by the enterprise to be transparently accepted in all popular applications, thereby eliminating the costly support issues.  The newly trusted Root CA Certificates are then placed within an nCipher Hardware Security Module (HSM) which physically protects the cryptographic keys from hackers or unauthorised use.  Protection of the Root CA Certificates is vital to organisations; by using a HSM which protects cryptographic keys an organisation can be sure its root certificate has not been compromised and is safe from external tampering.

“By deploying hardware protection for Enterprise CA solutions customers can be confident in their ability to ensure privacy, protect intellectual property and establish the authenticity of online transactions and information exchanges as well as implementing best practice security,” said Sarah Hurst, EMEA Partner Manager for nCipher.  “We are pleased to partner with GlobalSign to bring our experience in digital certificate hardware security to the RootSign program.”

“The partnership with nCipher is a perfect fit, as the two solutions go hand in hand.  RootSign naturally stipulates a requirement for a HSM to protect both GlobalSign and the RootSign customer.  nCipher’s market leading hardware platforms deliver highly competitive solutions tailored specifically for the Enterprise CA market”, said Paul Tourret, Managing Director GlobalSign.  “Such Enterprise CA customers can simply take advantage of the fact that we have highly ubiquitous and trusted Root CA Certificates, they simply take advantage of our investment in the root programme and inherit the trust that GlobalSign has garnered over the last 10 years.”

The RootSign / nCipher HSM combined solution is available now from either GlobalSign at http://www.globalsign.com/pki/rootsign.cfm or through nCipher at http://www.ncipher.com/

About GlobalSign NV

Established in 1996 and as a WebTrust accredited public certificate authority, GlobalSign offers publicly trusted SSL (standard and new Extended Validation), S/MIME and code signing certificates. These core solutions allow its thousands of enterprise customers to conduct secure online transactions and data submission, and provide tamper-proof distributable code as well as being able to bind identities to client certificates for email security and remote two factor authentication, such as SSL VPNs.  It has sales and support expertise available through its US, UK and Belgian offices, available in 6 languages.

In October 2006, GlobalSign was acquired by Certification Services Ltd (now GlobalSign Ltd.) a UK based marketing & sales company specialising in digital certificate sales, support and strategy and part of the GMO Internet Group.  The new ownership has resulted in significant investment in the GlobalSign product and service portfolio, customer service infrastructure as well as ongoing R&D.

About GMO Internet Inc.

Company Name: GMO Internet Inc. (Tokyo Stock Exchange, First Section: 9449)
URL:    http://www.gmo.jp/en/
CEO:   Masatoshi Kumagai
Business Description:
            Internet business - Infrastructure
            Internet business - Media/Advertising
            Internet business - Finance

About nCipher

nCipher protects critical enterprise data for many of the world's most security-conscious organisations. Delivering solutions in the areas of identity management, data protection, enterprise key management and cryptographic hardware, nCipher enables businesses to identify who can access data, to protect data both in transit and at rest, and to comply with the growing number of security-related regulations. nCipher is listed on the London Stock Exchange (LSE:NCH). www.ncipher.com