HydrantID Launches Dedicated Issuing Certificate Authority Service to Secure Organizations' Internal Computer Systems

Responds to changes in Certificate Authority industry standards

​​​​​​​​HydrantID today announced the launch of a Dedicated Issuing Certificate Authority subscription service allowing organizations to secure internal computer systems and IP addresses.  This is in response to recent changes to Certificate Authority standards that prevent organizations from acquiring publicly-trusted SSL certificates for internal host names or reserved IP addresses as of November 1st 2015. 

Many organizations have relied on publicly-trusted SSL certificates obtained from commercial Certificate Authorities to secure internal computer systems.  With recent changes in industry standards, that option is no longer available.  This industry change was primarily due to vulnerabilities that exist from non-unique common names in certificates issued from a “shared” trust anchor–in this case a publicly-trusted SSL root certificate.

"We support these very prudent industry changes to increase security in the system."

Trell Rohovit, CEO HydrantID

The optimal and most secure alternative is for an organization to put in place its own unique trust anchor from which to issue their own private SSL certificates.  In this way, organizations can ensure that only authorized systems have access to their internal IT environment without having to make significant network architecture changes.  However, this can be very expensive and operationally complex for an organization to undertake.

HydrantID’s solution provides organizations the ability to easily secure all of their internal host names and reserved IP addresses with a private Dedicated Issuing Certificate  Authority (Dedicated ICA) or Private Root Certificate Authority. HydrantID’s Dedicated ICA provides organizations with a unique trust anchor. This allows the certificate chain to be unique to each organization and eliminates cross-trust and name collision vulnerabilities.  The service can be accessed on-demand from the cloud, increasing security, eliminating operational complexity, and dramatically reducing costs.

We support these very prudent industry changes to increase security in the system. However, organizations have to either make significant changes to their network architecture to allow them to continue to purchase public SSL certificates for internal systems, run their own Certificate Authority–​which is complex and expensive, or purchase certificates from a commercial CA that are still issued from a “shared” non-public trust anchor, said Trell Rohovit, CEO of HydrantID.  “Now with our new Dedicated ICA service, organizations have an easy, secure alternative to securing internal host names and IP addresses.  Our Dedicated ICA service gives customers their own unique trust anchor they can rely on without having to change their network architecture or deploy expensive and complex CA systems”.

In addition to securing internal hosts names and IP addresses, organizations can now combine HydrantID’s new Dedicated ICA service with HydrantID’s existing publicly-trusted SSL subscription service to secure all their external systems and internal systems for one fixed subscription fee.

Betfair (LSE: BET) chose HydrantID to provide a unique private trust anchor for securing their internal systems through a Private Root as well as Dedicated Issuing CA(s) because it is easy, cost effective and secure.  Combined with HydrantID’s on-demand subscription SSL service they can cover all of their digital certificate needs from one provider for one subscription fee.

HydrantID’s Dedicated Issuing Certificate Authority service offers a variety of features that will allow IT professionals to customize the service to their specific security and administrative needs:

  • Dedicated ICA with organization’s name creates unique trust anchor;
  • Real-time certificate issuance;
  • Customized certificate polices and expiration dates, including long-lived certs and SHA1 certs for legacy systems;
  • Easily add Subject Alternative Names (SAN);
  • Simple cloud-based management console;
  • Centralized policy control; ability to control administrators, approval work-flow and subscribers to system;
  • Includes audit-logging, reporting, and automated system notifications;
  • Ability to set custom certificate expiration dates 

About HydrantID

HydrantID provides digital identity and advanced authentication services to help companies secure data and systems, and e-commerce transactions. HydrantID focuses on helping companies achieve industry best practices related to authentication and encryption, while reducing operating complexity and costs. HydrantID’s cloud-based, SaaS platform allows organizations to obtain advanced authentication and encryption services on-demand, in real-time. An industry-leading fixed-price subscription model eliminates financial and operational barriers that startups and Fortune 500 companies alike face in creating strong security practices. For more information, visit www.hydrantid.com.

Contact Information

Rocky Taylor
press@hydrantid.com
801-414-8327

Related Media