The challenge of 2021: qualified digital certificate to shield security

The use of a qualified digital certificate is becoming more and more widespread, not only because of the comfort and trust it generates, but also because of the security it provides through the electronic evidences collected during a signature process, providing greater legal validity to our electronic transactions. It is a tool that allows us to shield the security of our organization at the click of a button.

In the current context, digitalization and cybersecurity are two fundamental aspects in the daily management of any company that provide tranquility and confidence. Those companies that choose to use tools such as the digital certificate bet on quality and maximum security in the processes, whether to carry out procedures with customers, suppliers, Public Administration, etc.

That is why the great challenge today is not to work digitally, but to work safely and completely protected against possible attacks, identity theft or forgery and manipulation of documents, relying on a Qualified Trusted Service Provider.

For example, the number of cyber-attacks on companies increased dramatically as a result of the pandemic. In Spain, the National Cybersecurity Institute reported 130,000 serious incidents last year, an increase of 24% over the previous year. Companies such as Vueling, Adif or the Galician pharmaceutical company Zendal have suffered high-profile cases of cyber-attacks in which both internal data and customer information were exposed, with the consequent economic costs arising from these problems.

As a result, users are increasingly demanding more information about the usage audit process. But what exactly is it and what can it be used for?

How can security be protected? Usage Audit

IvSign is a platform for issuing and centralizing certificates. This tool shields certificates and electronic signatures thanks to centralization in the cloud. Thanks to this process, it is guaranteed that certificates are not copied or reproduced. In addition, it enables the option of usage control, where it is possible to define use policies for each digital certificate and user (by date, day and time, URLs or computers). Thanks to this, the tool also offers an audit process.

Traceability in the audit of use

The audit process offers an exhaustive traceability on the use of each digital certificate. It collects the electronic evidences related to the administrative operations performed by each user within the platform, as well as the authentication performed with the digital certificates or the signature operations.

In this way, the electronic evidences that the IvSign platform registers are:

• Certificate used: with which digital certificate has been accessed.
• Date and time of use.
• User: which employee has used it.
• IP from which it was accessed
• Type of operation
• External URL visited: for example, if accessing the headquarters of a public body.
• Application

This audit trace also allows employees to operate with assurances that the certificate is equipped for that employee or group of employees for specific issues. This means, as well, a safeguard against any misconduct performed by an employee. IvSign makes the information on these electronic evidences available for you to consult and download at any time.