Key Management and Payments Security Blog - Thales e-Security

Data Security and Key Management - Thales e-Security

  • Code signing failures: Don’t fall into the same trap

    By | May 30, 2017

    The security community has long recognized the importance of code signing as a method to establish trust and integrity. It is now, however, becoming inescapable for independent software vendors (ISVs) and even ordinary users.

    These days, businesses need provably reliable ways to validate the authenticity and integrity of the electronic assets and, perhaps even more importantly in today’s threat landscape, prove that these items have not been tampered with or changed maliciously since they were created.

    Continue Reading
  • CipherTrust Monitor 2.0

    By | May 24, 2017

    Bringing Convenience, Cost Reduction & Increased Uptime for Thales e-Security Customers

    According to our 2017 Thales Global Data Threat Report, 68% of respondents have experienced a breach at some point, with more than one in four reporting breaches in the last year alone, up by 22% from the previous year. In this environment of ever-present threats, securing sensitive data has become a top priority for organizations. It’s thus no wonder that advanced techniques, such as encryption with strong key management, are required to ensure organizations can maintain data security. And as much as organizations need to secure their data, they must also do so with as much operational efficiency as possible.

    Continue Reading
  • Teaching old dogs new (data security) tricks

    By | May 24, 2017

    In light of the numerous recent hacks on high-profile companies, it would appear more UK organisations are waking up and taking action to ensure they don’t find themselves in the same situation. According to findings in our 2017 Data Threat Report: European edition, 63 per cent of UK businesses plan to increase IT security spend in 2017 – a huge jump from the 54 per cent we recorded in 2016.

    Continue Reading
  • Meeting GDPR compliance with a year to go

    By | May 19, 2017

    There’s now less than a year until the EU General Data Protection Regulation (GDPR) comes into effect.

    Designed to harmonise data privacy laws across Europe and increase the protection of data privacy for EU citizens, the GDPR has been heralded as a major step forward for consumer protection, and is set to have a significant effect not only on companies within the EU, but also on those exporting data to countries outside the European Union.

    The GDPR requires a greater obligation from businesses to protect the personal information they hold from cyber-attacks, with penalties for leaking customer data larger than ever before.

    Continue Reading
  • What is code signing?

    By | May 16, 2017

    Organizations implement the technology as a best practice to protect businesses, brands, partners, and users from infected software

    Let’s start with a basic definition. Code signing is a method of proving the origin and integrity of a file. The process involves digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed.

    Code singing protects companies – along with their partners and users – from the potential risks associated with software tampering. As part of the code-authentication process, it’s crucial for establishing trust and identity.

    Continue Reading
  • Top 5 Encryption ‘Gotchas’

    By | May 11, 2017

    As encryption adoption increases, more challenges arise

    Nothing worth having comes easy. But good things come to those who encrypt (and do a good job managing the keys).

    According to our Global Encryption Trends Study, cloud adoption and escalating data security threats are accelerating encryption deployments. To be exact, the growth rate of companies with an encryption strategy reached the highest level in the past four years, with a total of 41 percent now reporting they have a consistent encryption strategy.

    Of course, I’m glad to see that organizations are adopting encryption, but there are challenges they will face. Here are the top five “gotchas” we see when organizations start encrypting:

    Continue Reading
  • Is Cloud Computing Secure for your Sensitive Data?

    By | May 08, 2017

    Organizations across all industries leverage the power, agility and cost savings provided by cloud computing. It’s becoming clear that organizations are migrating their data to the cloud at a fast pace, and many organizations are even beginning to use multi-cloud environments.

    Fortunately, we have seen from our recent Global Encryption Trends Study that protecting data in the cloud has become a requirement for most organizations. As you may already know, encryption is a key technology that protects against data breaches, and helps with compliance and privacy concerns. In fact, the growth rate of companies with an encryption strategy reached the highest level in the past four years (now up to a total of 41 percent).

    Continue Reading
  • Multi-Cloud Key Management: Selection and Migration (Third in a Series)

    By | May 03, 2017

    This blog first appeared on Securosis (

    Cloud services are typically described as sharing responsibility for security, but the reality is that you don’t working shoulder to shoulder with the vendor. Instead you implement security with the building blocks they provide you, possibly filling in gaps where they don’t provide solutions. One of the central goals of this research project was to show that it is possible to take control of data security, supplanting embedded encryption and key management services, even when you don’t control the environment. And with key management you can gain as much security as your on-premise solution provides – in some cases even continuing leverage familiar tools – with minimal disruption to existing management processes.

    Continue Reading
  • Global Encryption Trends

    By | May 02, 2017

    global encryption trends

    In today’s digital world, data is the crown jewel, the pièce de résistance. And with the steady pace of major data breaches, securing sensitive data must be a top priority for organizations across the globe. In fact, Verizon’s recently issued 2017 Data Breach Incident Report analyzed 42,068 security incidents – of which 1,935 were data breaches – across 84 countries. The issue of cybersecurity is truly global in scale.

    Here’s what’s encouraging: countries around the world are waking up to the reality of the need for security at the data level. In our recent 2017 Global Encryption Trends Study, issued in conjunction with the Ponemon Institute, we found that enterprises have accelerated their adoption of encryption strategies. In fact, 41 percent of respondents said their organization has an encryption strategy applied consistently across the enterprise compared to less than 15 percent in 2005, the first year of this study.

    Continue Reading
  • Fine-tuning the Festival experience with secure and efficient ticketing

    By | May 01, 2017

    The resale of cancelled and refunded tickets for this year’s Glastonbury Festival took place last weekend, with thousands of eager music fans visiting the website in the hope of securing a place in front of the world famous Pyramid Stage.

    Registration required purchasers to upload a passport photo of themselves, which would then be replicated on the paper ticket itself as a means of identification.  Such a process can be prone to errors, however, with wrongly sized images causing delays in the purchase procedure, and out of date photos leading to problems with authentication at the gates of the Festival itself.

    Continue Reading
View more

About this blog

Welcome to our new merged blog site, featuring key management and payments security focused content previously hosted on and

As companies look to protect their customer data and other sensitive information, encryption is being deployed more widely. Yet if an encryption key is lost then that data cannot be recovered. Avoiding this problem demands formalized processes and robust technologies for key management making the protection, management and secure use of cryptographic keys a fundamental component of modern IT security.

Thales has been applying data protection and key management expertise to the worldwide payments industry for over 25 years. Our solutions secure retail and corporate banking, integrate with all widely used credit/debit applications, and include the world's best-selling EMV data preparation system and complete PIN management for card issuers.

Powered by GlobalLink OneLink Software