The modern corporation is using web based infrastructures in many ways to conduct business across the enterprise and around the globe. Whether it is with customers, partners or employees, the Internet provides instant access and global reach at a fraction of the cost of traditional channels. However, doing business via the Internet presents unique security challenges such as ensuring privacy, confirming identity, managing authorization and legitimizing business transactions. To address these issues, governments have enacted far-reaching privacy legislation and industries are mandating a growing list of new security requirements (GLBA, Sarbanes-Oxley, HIPAA, FDA 21 CFR Part 11, EU Data Privacy, EU Electronic Signature, etc. ). Increasingly, there is a need for web based solutions that provide instant global access, yet also provide security and privacy in a cost effective manner.

This paper discusses the benefits that are unique to deploying the integrated solution of the Windows Server 2008 PKI and the nCipher nShield and netHSM hardware security modules(HSM). This includes the essential concepts and technologies used to deploy a PKI and the best practice security and life cycle key management features provided by nCipher HSMs.