Can you imagine PKI without physical cards?
Posted by maya.ivanova on 05 November 2020 10:59 AM
It turns out you can.
However, fast digitalization brings new challenges to the constantly developing economy. You may have employees who frequently go on business trips having only their smartphones or laptops. Naturally, they can’t bring along smart card readers and smart cards, but they still require digital certificates for work.
The 2020 pandemic also set new trends. In the work from home reality, сompanies whose business processes and services were massively connected to Public Key Infrastructure faced an unexpected problem. To maintain internal work, employees should use smart cards. But it is neither cost-effective nor quick to distribute hardware USB tokens. A virtual smart card, on the contrary, perfectly fits into new cases.
Modern card management systems offer various options:
We’ll guide you through the available options.
Virtual smart cards (TPM\WHfB)
Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores encryption and signature keys specific to the host system for hardware authentication.
Windows Hello for Business replaces passwords with strong two-factor authentication on Windows powered devices. This authentication is tied to a device and uses a biometric or PIN.
Network-attached smart card Indeed AirKey
It is the software implementation of a smart card that lets a user perform the same operations as the hardware smart card does.
Issuing certificates to the user’s local storage
One of the alternatives to hardware or virtual smart card can be to issue a certificate and to deploy it together with the private key on the user’s workstation.
This feature can be useful while a user works with virtual machines to which he/she connects through a thin client, mobile device or with the help of special software (for example, VPN client).
As you can see, there are a number of scenarios where a virtual smart card can work better than its hardware counterpart. Indeed Certificate Manager, a cutting-edge product for smart card management, can work in all these scenarios to increase the efficiency of your PKI.
Feel uncertain about the smart card options that can work better for your enterprise? Request the consultation by our leading PKI experts.