Welcome to GlobalPKI

Certificate Management Made Smarter

Modern business models require sound security layers in order to deliver their services.

GlobalPKI provides a centralized, flexible, and cost-effective solution for all your certificate-related needs.

By automating the complete lifecycle and distribution of your corporate certificates, GlobalPKI enables you to focus on your core business and innovations with the reassuring feeling that your business data remains secure.

Automate your PKI workflows

Take a look at the use-cases below to learn more about what GlobalPKI is capable of

Centrally manage certificates within your organization

Certificate Lifecyle Management

Certificate Workflow Engine

A robust and flexible Certificate Management System is essential for large scale certificate deployments. In order to ensure seamless business operations, certificates need to be:

  • Issued, renewed, revoked, and deleted
  • Distributed in a secure way
  • Aligned with state-of-the-art cryptographic parameters

to guarantee business continuity. GlobalPKI centralizes all certificate-related activities into a single application that provides additional sophisticated reporting functionality for tracking your certificate deployments. Standard open interfaces let you perfectly integrate all certificate services into your internal workflows.

GlobalPKI provides

  • Complete lifecycle management for all kinds of corporate certificates
  • Support for on-premise and cloud-based deployment scenarios
  • A flexible architecture scaling from single-instance up to high-availability clustered installations
  • Secure key storage either in software or using hardware devices such as HSM, TPM, and Smartcard
  • Role-Based Access Control for fine-grained definition of access permissions
  • Support for standardized protocols such as REST, SOAP, SCEP, or ACME
  • Sophisticated reports to keep track of certificate deployments in your company

Automate your secure e-mail deployment

Secure E-Mail

Secure E-Mail

E-mail is one of the most prevalent channels for business communication in use today. However, as the technology was not designed with security in mind, e-mail is not applicable for the exchange of sensitive information out-of-the-box. In order to protect such information, an additional layer of security is required.
GlobalPKI safeguards your intellectual property by utilizing the S/MIME standard in order to prevent unauthorized disclosure or modification of e-mails. Confidential information is thus kept secure both in transit and at rest (in your local inbox, digital archives, etc).

GlobalPKI provides

  • Fully automated certificate lifecycle processes based upon your HR organizational data
  • Handling of various events such as user on/offboarding, or e-mail/name changes
  • Secure procedures for distributing private keys and certificates to end-user computers and mobile devices
  • Integration with mobile device management solutions such as MobileIron, Intune, AirWatch, Jamf, and BlackBerry UEM
  • Automated S/MIME configuration of e-mail clients such as Microsoft Outlook or Office 365
  • Out-of-the-box support for group mailboxes and delegates
  • Certificate publication to external systems such as Active Directory or LDAP servers

Ensure legitimate access to your business

Smart Authentication

Smart User Authentication

User Authentication

Make sure only legitimate users gain access to your IT infrastructure and business applications: Leveraging GlobalPKI, you can easily realize single sign-on or multi-factor authentication scenarios to increase user acceptance and security.

GlobalPKI provides

  • Automatic configuration processes for user authentication certificates
  • Optional storage of private authentication tokens in hardware devices such as a TPM or PIV

Device Authentication

To prevent loss of sensitive business data, connections between laptops, mobiles, or IoT devices are required to employ strong authentication schemes. GlobalPKI supports you setting up a certificate-based access-control with automated provisioning of authentication certificates. In consequence, access to services such as VPN or WiFi can be delivered in a secure manner.

GlobalPKI provides

  • Self-enrollment via standard protocols such as SCEP
  • Integration with third-party products such as Firewalls and MDM solutions
  • Real-time information about devices' states

Server Authentication

In order to securely communicate with a web server, the SSL/TLS protocol is used. Here, certificates are mandantory to ensure the integrity and authenticity of the connection. GlobalPKI provides full lifecycle management for such SSL/TLS certificates in a central self-service portal.

GlobalPKI provides

  • Profiles for internal and external SSL/TLS certificates for corporate or public CAs
  • Order processes for single or bulk requests
  • Support of multiple host names in the certificate which are required in clustered environments
  • Notifications for upcoming expirations allowing easy certificate renewals

Govern access and keep control of your servers

SSH Identity Management

SSH Identity Management

SSH is the standard protocol for securely accessing remote machines of UNIX-like systems. Typically, authentication is based on cryptographic keys which need to be managed properly in order to prevent unauthorized access. GlobalPKI enables the secure distribution of those keys, periodically rotates them, and keeps cryptographic parameters aligned to your security policies. Furthermore, RBAC is leveraged for fine-grained assignment of access permissions which can be granted based upon external triggers such as time of day or support tickets.

GlobalPKI provides

  • Means to tighten remote access to your business critical infrastructure via RBAC
  • Periodic rotation of keying material and adjustment of parameters to comply with your security policies
  • Integration of external triggers such as time of day or support tickets to grant access to your business critical infrastructure

Protect your mass e-mail communication

Trusted Communication

Trusted Communication

Protecting the integrity of your corporate mass e-mail communication is essential for maintaining your reputation with internal and external stakeholders. GlobalPKI transparently signs e-mails generated by business applications such as ticketing systems, reporting platforms, or monitoring suites.

GlobalPKI provides

  • A central hub to transparently apply digital signatures to mass e-mail communication
  • Easy integration without the need to modify the sending application

Reclaim access to your corporate secure e-mails

eDiscovery Services

eDiscovery Services

While we generally encourage always using encryption, we recognize that protected e-mails must be provided in plain under certain circumstances such as:

  • Proving evidence to authorities during legal cases
  • Performing central antivirus scanning and data leakage prevention
  • Storing in digital archives and data lakes

GlobalPKI provides

  • eDiscovery interfaces for authorized access to escrowed private keys
  • A high-volume, real-time engine to decrypt e-mails on the fly

Curious? Let's get in touch!

"Privacy.
Some day, in the future, people will look back and remember how beautiful it once was."

Jodie Foster

Contact Us

NOVOSEC AG
Berliner Straße 44
60311 Frankfurt am Main
GERMANY

Phone: +49 (69) 130 1468‑0
Fax: +49 (69) 130 1468‑11
E-Mail: globalpki@novosec.com