Enterprise
security

Discover our solutions for data protection within the organization’s processing infrastructure and implementation of security mechanisms that assure a high level of protection.

What does enterprise security imply?

  • Implementation of the organization’s Public Key Infrastructures (PKI) – digital certificate management, real-time certificate validation and time stamping (certSAFE)
  • Safe user authentication – authentication server (gateSAFE)
  • Systems for creation and verification of qualified signatures according to the eIDAS Regulation (Paperless)

Our solutions

certSAFE

certSAFE is a modular application that provides the elements necessary to create a wholesome public key infrastructure (PKI), together with the pertaining security services, at organization level:

  • management of the digital certificates within the organization – certSAFE CA (Certification Authority);
  • implementation of mechanisms for online verification and validation of the status of certificate– certSAFE OCSP (Online Certificate Status Protocol);
  • implementation of own time stamp service – certSAFE TS (Time Stamp) – to assure non-repudiation of the electronic information through time stamping;
  • mechanisms for recovering the private keys of the encryption certificates – certSAFE KRM (Key Recovery Module);
  • interconnection by cross-certification with the infrastructures with public keys of other organizations – certSAFE Bridge CA.

certSAFE is accredited for the protection of classified information at NATO and national level, being included in the NATO Catalogue (NIAPC – NATO Information Assurance Product Catalogue) and in INFOSEC National Catalog with packages, products and protection profiles published by the Romanian National Security Agency (ORNISS).

gateSAFE

gateSAFE is a software product used for web application authentication, authorization and access management. gateSAFE has a modular architecture that allows the parallel functioning of several servers needed to respond to a large number of connections and provides functionalities for:

  • implementation of the users’ authentication mechanisms via a single access point (Single Sign On – SSO);
  • single authentication for digital certificate-based access to resources for the users of the applications;
  • integration with advanced security services: online verification of the status of authentication digital certificates, of the directory services and of the time stamping services;
  • online verification of the status of certificates used for authentication, directory services and timestamping services;
  • secured connections between the client and the server within unsafe networks (SSL 128 bits);
  • access management to services accessed by users or customers;
  • monitoring connections, user traffic and activity tracking;
  • web services securing.

certSIGN Paperless – remote signature

Paperless is a solution for creating remote electronic signatures and for verifying signatures. Documents electronically signed using Paperless are time stamped. The product is accredited as QSCD (Qualified Signature Creation Device) in accordance with EU Regulation no. 910/2014 (eIDAS).

The main advantage of using remote electronic signature, compared to using digital certificates stored on cryptographic tokens, is that it is much easier to use, since certificates can be accessed from any device, without the need for driver installation or USB token connection.

The product allows the application of qualified signatures with personal certificates and the application of electronic seals issued for legal persons, the following types of documents can be signed:

  • PDF documents;
  • any type of document / file in pkcs7 format;
  • hash associated with any type of document.

Authentication and authorization to perform a signature operation is done through a 2-factor authentication mechanism. Regarding the verification of signatures applied to a document, this is done regardless of the signature format: pkcs7 signature or the signature included in PDF documents.

Paperless flowSIGN

Paperless flowSIGN is a web solution for multiple document signing flows, which includes both remote signing and local signing with qualified certificates stored on token cryptographic devices.

Paperless flowSIGN allows defining the signature flows, the process of accepting and signing the documents, downloading the signed documents and integrating with other information systems. The product can address both the internal flows of an organization and the signature flows between organizations or between organizations and individuals.

Defining a signature flow is easily accomplished, following these steps:

  • uploading the documents to be signed;
  • defining the persons involved in the flow;
  • defining the position where a signature will be placed in the PDF file;
  • setting notifications;
  • launching the flow in the signing process.

In the signing process, the user is notified by e-mail of each new assignment, accesses the application, authenticates and signs the documents. All documents in a stream are signed remotely in one step.

Leave us a message and we will contact you

Send us your details and a message and we will contact you to answer all your questions about our enterprise security solutions.

    * required fields

    Te sunăm noi!

    Îţi mulţumim pentru că vrei să intri în contact cu noi!

    .


      * campuri obligatorii

      We'll call you!

      Thank you for getting in touch with us!


        * campuri obligatorii