RNTrust and Entrust have just launched a new technical alliance. The alliance will deliver an all-in-one protected solution for PKI Deployment and Offline Root Certificate Authority by combining Entrust’s nShield Edge HSMs with RNTrust’s ORCA PKI system.
RNTrust ORCA will cater to organisations in the Middle East who require high levels of data security and protection but do not have the expertise or budget to implement a complex enterprise-class solution; providing the highest levels of Enterprise data security for their PKI deployments.
The RNTrust ORCA is built on a FIPS (Federal Information Processing Standard Publication) 140-2 and FIPS 140-3 HSM certification, with Multi-person Control or quorum-based authentication, often known as M of N protection, to comply with increasing regional compliance rules and standards. This enables firms adapt to and comply with regional comprehensive data security legislations as they impact organisations in the next years, such as GDPR, HIPPA, SOX, and CCPA.
“We believe data protection is essential for every business regardless of their size or budget,” said Hamid Qureshi, Regional Sales Director, Middle East, Africa and South Asia, Entrust.
He added, “With new and more comprehensive data security legislation being adopted across the Middle East region– mostnotably here in the UAE with the new DIFC Data Protection Law, as well as the newly launched UAE Federal Data Law and Abu Dhabi Global Market (ADGM) Data Protection Regulations –businesses of small and large scale, must equip themselves to effectively protect and manage their data.”
“PKI, Offline CA can be complicated and difficult to implement.Entrust has a long history of supporting governments, banks, and other institutions across the GCC in protecting sensitive data. The main aim of our technology partnership with RNTrust was to make enterprise level data protection more accessible to SMEs in the private sector as well,” added Hamid.
“After extensive research of the HSM market, wefound thatnShield Edge HSM from Entrust was going to be theperfect match for us. The solution we have created not only simplifiesdata protection processes, but also makesitmore accessible to small and medium size businesses across the region,” said Olivier Ruff, Chief Technology Officer at RNTrust Group.”
He also said, “Businesses in the region can rest assured that their data protection is up to par and can focus their efforts and budget on other areas of businesses to scale.”
RNTrust Orca is a complete system that includes a nShield Edge HSM, a protected Linux-based Appliance, OpenSSL-based Certification, and two hardware-encrypted USB keys for easy key generation.
When not in use, the solution is small enough to be stored in a safe, ensuring the system’s physical security. As the usage expands, the Security World software, which also serves as the backbone of the nShield HSM family, provides for easy networking, load balancing, and clustering.
SPITrust ORCA addresses the four main issues that plague Offline Root CAs: Hardware, Software, HSM, Backup Storage, and Integration of those four aspects. SPITrust ORCA was created by RNTrust as an off-the-shelf turnkey solution. It runs on top of a hardened SuSE Linux with an encrypted file system and keeps track of its state in a SQLite database using an OpenSSL-based CA. Multiple CA Certificates and CRLs can be created and handled with SPITrust ORCA, making key-ceremonies simple and straightforward.
SPITrust ORCA adheres to all industry requirements to ensure that private keys are well-protected, and it employs a nShield Edge hardware security module. The nShield Edge is a full-featured, portable USB HSM optimised for low-volume transaction situations. It’s capable of encryption and key protection, and it’s perfect for certificate authorities’ off-line key production (CAs). SPITrust ORCA incorporates a PIN-authenticated, AES-XTS 256-bit hardware encrypted flash drive that securely encrypts, stores, and safeguards data to military standards to assure maximum security of Root CA.
The Aegis Secure Key 3NX enables secure storage of ORCA backups in order to comply with severe data protection and confidentiality rules and directives, such as GDPR, HIPAA, SOX, CCPA, and others. With many characteristics, the microprocessor provides ultimate protection against hackers, detecting and responding to tampering.
The company supports customers in various countries across the world with more than 550 RNTrust specialists spread across the GCC, Europe, and the United States, as well as a network of strong global partners.