AWK Group makes leaner audit engagements possible with digitalized key ceremonies from Securosys SA
The Swiss management and technology consulting company AWK Group is to use hardware-generated evidence from Securosys SA which will enable key ceremonies to be conducted without the physical presence of auditors. This innovative approach facilitates leaner audit processes and offers clients efficiency benefits.
Securosys and AWK Group AG have announced today that they will collaborate in the area of key generation for PKI systems and blockchain infrastructures, also known as key ceremonies. Up to now this process – that is, hardware security module (HSM) auditing – has had to be monitored and certified on site by auditors at the relevant company’s data centers. AWK Group AG will now enable a leaner process and thereby secure efficiency gains for the client: during its audit of these processes, AWK Group will use HSM files signed by Securosys as attestations of the processes and will thus be able to complete the key ceremony without auditors having to be physically present. This makes the audit process for ISAE 3000 leaner and saves time and resources.
The radical simplification has been made possible by Securosys key and device attestation features. With key attestation, cryptographic verification of the key and its attributes is provided using a chain of trust origi- nating from the root certificate. This makes it possible to automate the key ceremony audit process and to issue trusted digital identity keys on a virtually limitless scale. The device attestation feature also enables HSM-attested information to be read out, such as hardware and software versions, cluster size, the number of security officers, and the underlying configurations. Documents signed by the HSM with a verifiable chain of certificates can be used to track processes automatically and technically with no human intervention whatsoever.
For information, please contact us directly via mail or phone.