Digital Trust & eID

Trust services meet a continuously growing demand by enterprises and national organizations. As countries put continuous effort to minimize bureaucracy and achieve cross-border identification for citizens, seamless cross-border transactions and utilize qualified electronic signatures that act equally as a physical signature in court, strict and transparent compliance requirements arise.

Having perennial involvement in designing procedures for trust service providers as well as performing compliance audits, our PKI professionals can help you:

  •  Design & deploy self managed PKIs according to your business needs
  •  Stay compliant with trust service regulations standards
  •  Achieve inclusion in root store programs and become publicly trusted CAs
  •  Comply with LoA requirements for your eID Scheme for national identification under EU 910/2014 (eIDAS)


SpearIT has compiled a services bundle in a holistic approach for organizations operating in the TSP industry, customizable according to your needs.

Policies & Documentation

Planning & guidance on documentation requirements:
Certificate Policy
Certificate Practice Statement
Validation Plan
PKI Hierarchy



Certificate Profiles Evaluation

Evaluation of the compliance level of your issued certificates against:
ETSI requirements
CA/B Forum BR requirements
CA/B Forum EVCS
CA/B Forum CS
Root Programms & TSLs

(Apple, Microsoft, Mozilla, Google, Adobe)

Critical Assets Evalutation

Evaluation of the compliance level of your critical PKI system components:
Root CA
Sub CAs
Certificate sampling
OCSP Responders
CRLs


Consulting

Gap analysis, guidance and implementation consulting on technical & regulatory compliance requirements (eIDAS, WebTrust, Root Store Programs).



Security Testing

Periodic assessments of the PKI critical assets and applications, including mitigation recommendations:
Vulnerability Scanning
Internal & External Penetration Testing


Our PKI specialists are more than happy to discuss a solution with you!

Contact Us!

Latest News

Comparisson of the Notification Activities Between the Two Data Protection Regulations for EUIs

On 11 December 2018, Regulation (EU) 2018/1725 aka "GDPR for EUIs" came into force, replacing the older Regulation (EC) 45/2001....

Read More

Renewed Data Protection Regulation for EU Agencies

On 11 December 2018, Regulation (EU) 2018/1725 aka "GDPR for EUIs" came into force, replacing the older Regulation (EC) 45/2001....

Read More

EU NIS Directive Receives Update Proposal

On 6 December 2020, the EU Commission published its proposal for a revision of the Directive on Security of Network and Information Systems (EU NIS Directive)...

Read More