RSS Newsfeed for QuoVadis Group

QuoVadis CEO Named President of SuisseID Association

Wed, 25 Jan 2012 02:14:00 GMT

QuoVadis CEO Roman Brunner has been named President of the SuisseID Trägerverein, the association with responsibility for the Swiss national electronic ID programme (http://www.suisseid.ch/).

SuisseID was launched in May 2010 by the Swiss State Secretariat for Economic Affairs (SECO) as the first standardised product for secure electronic identity verification in Switzerland. SuisseID credentials may be used to conduct online transactions by individuals, between companies, or with Government. SuisseID provides the following benefits:

Electronic proof of identity
Electronic proof of function (including role in a company or a professional designation)
Qualified (legally binding) electronic signature

SuisseID was initially funded by the Swiss Government as an economic stimulus for the IT sector and to encourage the adoption of electronic commerce at all levels of the Swiss economy. As the programme has become established, responsibility for its management has shifted to the independent SuisseID Trägerverein led by key players in the sector.

Today, more than 220 organisations have enabled their online offerings to accept SuisseID credentials, which are stored on a smartcard or USB device and may be used with normal browser or email software. In addition, important trade associations and managed service providers have also adopted SuisseID for their online activities.

QuoVadis clients include green.ch, a large hosting and IT services provider, which provides QuoVadis SuisseIDs to customers for secure authentication to their online services as well as for secure email. Similarly KPT, a national health insurer, uses QuoVadis SuisseIDs to authenticate clients using their web platform and to enable qualified electronic signatures for paperless contract handling.

QuoVadis was founded in Bermuda in 1999. Mr. Brunner was a long-term Bermuda resident before returning to his native Switzerland to lead QuoVadis’ international development efforts. QuoVadis (http://www.quovadis.ch/) has been an approved issuer of SuisseID since the programme’s inception, with registration points across the country including at all major rail stations and municipal offices. In addition, QuoVadis’ Dutch subsidiary is an issuer for large-scale eID programmes in the Netherlands called PKI Overheid and e-Herkenning.

In addition to his role of President of the SuisseID Trägerverein, Mr. Brunner also serves on the organisation’s International Working Group which manages SuisseID compatibility with other eID standards and initiatives, including those of the EU STORK Project, World eID, and the Universal Postal Union.

QuoVadis Services is Leading Offshore Datacentre for Cloud Computing, Virtual Hosting Services

Wed, 11 Jan 2012 02:39:00 GMT

Bermuda Realty Company Limited (trading as Coldwell Banker Bermuda Realty) has adopted a Private Cloud solution from CCS Group and QuoVadis Services as the backbone of its computing needs.

Bermuda Realty is the island’s largest real estate firm offering a wide range of rental, sales, and management services for both commercial and residential real estate.

“Bermuda Realty has a long tradition of developing innovative services for the local real estate sector,” said company president Brian Madeiros. “This has lead to a considerable investment in IT infrastructure. By moving to cloud hosting, we have made the conscious decision to focus our resources on the real estate services at the heart of our business, and to outsource the underlying technology platforms to IT specialists like CCS and QuoVadis.”

QuoVadis is providing both production and disaster recovery hosting for Bermuda Realty’s server environments, as well as virtual desktops for all employees. The Private Cloud solution is based on QuoVadis’ multimillion dollar Infrastructure on Demand platform, hosted in its SecureCentre datacentre in Hamilton.

“Bermuda Realty were looking for a highly available, high performance solution for their servers as well as the ability for employees to securely access their work from anywhere at any time,” stated Kory Logan, Product Development Manager of CCS. “Based on these requirements, we felt that hosted services with virtual desktops powered by the QuoVadis platform would be the most effective and economical solution for Bermuda Realty.”

With cloud hosting, companies outsource their server computing requirements to a hosting provider, reducing their own costs of buying in-house hardware or maintaining a datacentre. Virtual desktops expand on that idea, so a user’s software and files are not tied to an individual desktop computer. Rather, they operate from a central cloud server, so that users can access their office work environment from any computer when securely connected to the QuoVadis cloud.

“The QuoVadis cloud allows companies to reduce their business risk and overall cost of IT by leveraging our high performance computing platforms and datacentre technologies,” said Gavin Dent, CEO of QuoVadis Services. “It’s an appealing formula for many businesses faced with steep upgrade costs, replacing their variable upfront IT capital expenditures with predictable monthly fees.”

QuoVadis launched the high availability SecureCentre offshore datacentre in central Hamilton in late 2010 with multiple layers of support infrastructure and direct connections to Bermuda’s various data networks. QuoVadis expanded its offering with a world class Infrastructure on Demand platform, able to support a wide variety of virtual hosting and virtual desktop solutions, as well as tailored Private Cloud hosting. Other offerings include disaster recovery and remote back up services, managed storage solutions, as well as managed firewall and security monitoring.

“In this economic environment, many local companies are paying particular attention to their in-house costs of supporting and operating IT infrastructure. At the same time, they have concerns about hosting their IT overseas for jurisdiction or support reasons,” said Ian Cook, General Manager of CCS. “Working with the QuoVadis offshore cloud computing platform, CCS can create solutions that leverage the power of cloud computing but are customised to local company requirements and are backed up by experienced Bermuda support teams.”

CCS has provided IT professional services in Bermuda since 1982, building and providing ongoing support for some of the island’s most complex technology implementations. CCS consultants offer a complete portfolio of communications solutions, both for in-house implementation or for outsourced environments such as the QuoVadis Infrastructure on Demand platform.

QuoVadis to Implement Baseline Requirements for SSL/TLS

Wed, 14 Dec 2011 07:19:00 GMT

QuoVadis is among the first Certification Authorities to adopt the new “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” standard published by the CA/Browser Forum.

QuoVadis is a longstanding member of the CA/Browser Forum and contributed to the development of the new Baseline Requirements, which consolidate many previously fragmented standards and best practices for the issuance and management of SSL/TLS digital certificates.

“Previously Certification Authorities had to interpret overlapping standards from different software providers, regulators, and audit regimes,” said Roman Brunner, CEO of QuoVadis. “With the Baseline Requirements the core standards are integrated in one document, clarifying responsibilities and increasing accountability for trusted CAs that issue SSL/TLS digital certificates.”

SSL/TLS certificates are an essential part of the Internet’s security infrastructure, used to authenticate the ownership of websites and other online resources, as well as to encrypt information for confidentiality.

“Over time SSL/TLS has evolved with the growing sophistication of Internet, implemented in a wide array of software and the proven capability to scale to handle many millions of users. By establishing a security benchmark for CAs around the world, the ongoing Baseline Requirements initiative will benefit all users of SSL certificates and the https security they provide,” continued Mr. Brunner.

The Baseline Requirements provide clear standards for CAs on important subjects including CA security, verification of identity, a range of technical issues related to certificate content and technical structure, audit requirements, liability issues, and delegation of roles including the use of external sub-CAs and registration authorities.

QuoVadis, along with other major CAs that have chosen to voluntarily adopt the standard, will implement the Baseline Requirements before the effective date of July 1, 2012.

The CA/Browser Forum has requested that internet browsers and operating systems adopt the Baseline Requirements among their conditions to pre-distribute CA root certificates in their software. The CA/B Forum has also requested that the major audit regimes used by CAs, WebTrust and ETSI, develop audit criteria to assess compliance with the Baseline Requirements.

Founded in 1999, QuoVadis is a leading international Certification Authority, issuing both Organisation Validation and Extended Validation SSL certificates as well as digital certificates for End Users. QuoVadis is accredited as a Qualified Certification Services Provider (CSP) in several countries, and an issuer of Swiss SuisseID and Dutch PKIoverheid certificates. QuoVadis is audited to the WebTrust/CA and WebTrust/EV standards as well as the ETSI qualified standards.

ZorgTTP Chooses QuoVadis Certificates

Mon, 05 Dec 2011 03:05:00 GMT

QuoVadis Trustlink BV has been selected as the key supplier of trusted digital certificates for ZorgTTP.

Based in the Netherlands, ZorgTTP is an experienced Trusted Third Party that can assist in sharing and accessing databases with sensitive information such as health care records.

ZorgTTP has the in-house knowledge, experience and technology to edit personal data for anonymity in accordance with legal requirements. Besides the sharing of existing data files, ZorgTTP provides opportunities for data processing and research, which until recently were not possible or were highly restricted.

ZorgTTP systems use digital certificates for strong authentication and encryption. The QuoVadis certificates can be processed within the CMT new release (version 3.1) of ZorgTTP which went into production on November 22, 2010. The new version also provides support for 2048-bit keys.

QuoVadis is pleased to have been selected to serve ZorgTTP and its users. To request digital certificates for ZorgTTP, QuoVadis provides a special application website which may be accessed here.

QuoVadis Provides PKI Overheid Certificates for Dutch Ministry of Social Affairs and Employment

Wed, 26 Oct 2011 02:08:00 GMT

The Dutch Ministry of Social Affairs and Employment (Ministerie van Sociale Zaken en Werkgelegenheid or SZW) has decided that the digital certificates used by municipalities to access the Digitaal Verantwoordingssysteem (DVS Digital Recognition System) should be replaced by G2 PKI Overheid certificates. This follows the guidelines of the Ministry of Social Affairs and PKI Overheid.

QuoVadis has been selected by the Ministry of Social Affairs to replace the existing digital certificates.

Access to DVS and the digital signing of forms will be allowed only using the new PKI Overheid certificates from QuoVadis. The Ministry of Social Affairs provides and pays for the purchase of up to two certificates per Dutch municipality.

Click here for the application process for PKI Overheid certificates for DVS.

ExportData Chooses QuoVadis for PKI Overheid Certificates

Mon, 19 Sep 2011 12:46:00 GMT

Dutch service provider ExportData has selected QuoVadis as partner for PKI Overheid certificates to replace the currently used Diginotar certificates. Because the change to Netherlands PKI Overheid certificates means that ExportDocuments Online as well as some software of ExportDocuments Online users has to be altered, ExportData and the Chambers of Commerce have agreed upon a transition arrangement.

The transition arrangement concerns the use of "soft" digital certificates of QuoVadis. These certificates are functionally comparable to the Diginotar certificates. To use the QuoVadis soft tokens, users' software does not need to be altered.

The procedures for application and replacement of certificates will be published September 20th at the latest. ExportData will try to keep the procedures as simple as possible. For PKI Overheid certificates applicants need to be seen in person or been identified. QuoVadis will visit each company and the certificate holders will receive their certificates. For the soft certificates this "heavy" procedure is not necessary, but the procedure will used. Within 12 months after receiving the new soft certificates companies are obligated to switch to PKI Overheid certificates, delivered on a hard token, a so called Secure Signature Creation Device (SSCD). Due to the identification procedure for the soft tokens this procedure has not to be performed again.

For the users of ExportDocuments Online ExportData has agreed upon some favourable conditions with QuoVadis. With these conditions ExportData hopes to compensate some of the negative effect of the Diginotar problem. The prices and condition will be published before September 20th.

New users of ExportDocuments online can also start with the QuoVadis soft token until ExportDocuments Online is ready for PKI Overheid on hard token. Existing users of ExportDocuments Online will soon receive instructions for replacement their certificates from ExportData.

ExportDocuments Online offers users the service to apply for export documents at their local Chamber of Commerce and print the documents at their own office. Using the internet, export documents like Certificates of Origin, EUR-1 documents, EUR-MED documents, as well as legalisations and certifications of trade documents are available in no time.

QuoVadis Introduces Sign! for SuisseID

Tue, 06 Sep 2011 12:00:00 GMT

QuoVadis has introduced Sign! free PDF software allowing its SuisseID users to easily create legally binding digital signatures on electronic documents.

Launched in May 2010 in cooperation with the Swiss State Secretariat for Economic Affairs (SECO), SuisseID is the first standardised national electronic proof of identity in Switzerland. SuisseIDs are issued on smartcards or cryptotokens and are legally valid eID. Under the Swiss ZertES law, electronic signatures created using SuisseID have the same legal validity as their paper counterparts.

Using Sign! QuoVadis users can fill out and sign PDF forms. Users can also create new PDF documents as well as insert electronic signatures that identify the signer and make the document tamperproof. Sign! allows users to customise the content and visual appearance of the electronic signature.

Sign! creates both Qualified and Advanced electronic signatures (with optional time-stamp) under ETSI standards and verifies the validity of signatures using OCSP and CRL. To meet long term archiving requirements, Sign! creates a legally compliant PDF/A validation report. Sign! is available for both Windows and Apple operating systems and supports Mini Driver, PKCS #11 and TokenD integration for use in popular browsers and email software.

Sign! optionally supports the use of secure PIN entry via card reader. Customers requiring additional security can upgrade at a special price to the Sign Live! CC Certified Signature Solution, which is certified by BSI for compliance with the German Signature Act, the German Digital Signature Ordinance and relevant Common Criteria (CC).

For more information on QuoVadis SuisseID, please visit www.quovadisglobal.ch or the QuoVadis SuisseID online shop at www.suisseid-shop.ch.

QuoVadis Assists with PKI Overheid Transition from Diginotar Certificates

Sat, 03 Sep 2011 03:29:00 GMT

For assistance with replacing Diginotar PKI Overheid certificates, please contact info.nl@quovadisglobal.com or call 030 - 232 4320 or 030 - 234 2575.

The QuoVadis Trustlink BV website may be found at www.quovadisglobal.nl.

QuoVadis Trustlink BV
Maliesingel 22
3581 BG Utrecht
The Netherlands

QuoVadis Advances Trust/Link Enterprise Managed PKI

Mon, 04 Jul 2011 12:48:00 GMT

QuoVadis today released a new generation of its Trust/Link Enterprise managed PKI, providing the features of a custom PKI in a cloud service that can be rapidly customised and deployed.

According to Roman Brunner, CEO of QuoVadis, “Many organisations want to enhance their online security using digital certificates but don’t want the delays, cost or distraction of running their own certificate authority. Using Trust/Link, IT managers can leverage QuoVadis’ world class PKI while maintaining focus on their core business applications.”

With its secure cloud-based infrastructure, Trust/Link easily scales to suit different customer needs for digital certificates that are trusted in major browsers, operating systems, and mobile devices:

SSL Efficiency and Dependable Cost - Trust/Link is a simple solution for organisations looking to fulfil all their SSL certificate needs from one portal for cost and efficiency reasons.
Simplify Digital Certificate Rollouts - Equally, Trust/Link is adept at managing end user digital certificates for access control, secure email, encryption, or digital signatures. Trust/Link allows customisable policies and provides a variety of workflows to suit customer’s business processes, as well as support for tokens/smartcards.
Enterprise Control and Delegation - Using Trust/Link, an organisation can maintain central control while quickly establishing sub-accounts for different business units or projects, each assigned with different certificate types, delegated granular administration, and custom request and approval processes.

Trust/Link uses pre-validated templates of commonly used domains and organisational details to allow straight-through processing by customers. The Trust/Link system also provides detailed reporting and audit tools to enhance customers’ control over the PKI.

Mr. Brunner continued, “Now in its fourth generation of development, Trust/Link is well proven in a range of scenarios, from basic SSL management to corporate extranet rollouts to mass fulfilment under national e-ID programmes. Based on QuoVadis’ experience, we’ve taken the opportunity to further refine Trust/Link’s intuitive user interfaces so that customers can reduce their support tasks. We’ve also expanded the configuration and workflow options available to our customers. We are confident that Trust/Link Enterprise is the most flexible managed PKI service on the market today.”

About QuoVadis
Founded in 1999, QuoVadis is a leading international certificate authority. QuoVadis digital certificates and time-stamps are used to identify users and devices, to ensure privacy and to protect data integrity using encryption, and to create legally valid electronic signatures. QuoVadis was an early member of the CA/Browser Forum and its certificates are trusted by default in all major browsers and operating systems, as well as Adobe Acrobat.

QuoVadis has held the WebTrust seal for more than six years, and is a Qualified certification service provider in Switzerland, Holland, and Bermuda. QuoVadis is also an authorised provider of certificates for SuisseID, the EU Grid academic computing network, the Dutch PKI Overheid and e-Herkenning programmes, and HM Revenue & Customs Secure Electronic Transactions (SET). To find out more about Trust/Link or to request a demonstration, please visit http://www.quovadisglobal.bm/CertificateServices/ManagedPKI/TrustlinkRA.aspx.

QuoVadis Achieves Sixth WebTrust Seal

Wed, 27 Apr 2011 01:06:00 GMT

QuoVadis has successfully completed its sixth annual WebTrust Seal of Assurance for Certification Authorities audit, conducted by Ernst & Young. In addition QuoVadis has renewed its WebTrust accreditation for Extended Validation (EV).

“As a leading international provider of Digital Certificates, QuoVadis is firmly committed to international certifications like WebTrust that validate the security of our PKI solutions and our compliance with industry best practices,” said Barry Kilborn, Chief Risk and Compliance Officer of QuoVadis.

WebTrust was established by the American Institute for Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA) as a code of practice for Certification Authorities (CAs) issuing publicly trusted Digital Certificates. The audit covers practices surrounding customer authentication; security surrounding the CA infrastructure, business continuity, and handling of customer data.

WebTrust for EV was created to qualify CAs to issue Extended Validation SSL Certificates under the standards maintained by the CA/Browser Forum (http://www.cabforum.org) for enhanced authentication of the identity of a website’s owner. QuoVadis was one of the first providers to qualify to issue EV SSL in 2006.

In addition to its WebTrust Seals, QuoVadis is accredited as a Qualified Certification Services Provider (CSP) in Switzerland, Holland, and Bermuda under ETSI TS 101.456 and other relevant standards.

For more information, please visit QuoVadis’ accreditations repository.

CA/Browser Forum Releases Draft “Baseline Requirements” for SSL

Mon, 11 Apr 2011 08:53:00 GMT

QuoVadis is a longstanding member of the CA/Browser Forum, a group of leading Certification Authorities and software vendors.

Acknowledging the growing importance of SSL digital certificates for security on the Internet, in 2007 the CA/Browser Forum created the “Guidelines For The Issuance And Management Of Extended Validation (EV) Certificates”. The EV Guidelines were the first industry-wide set of standardized procedures for verifying and expressing the identity of an SSL/TLS certificate holder. QuoVadis has been audited for compliance to the EV Guidelines since 2007.

Alongside the EV work, members of the CA/Browser Forum have collaborated over the last two years to develop a broader set of baseline requirements covering the validation and issuance of all SSL, including both Domain-validated (DV) and Organisation-validated (OV) SSL.

The CA/Browser Forum is now seeking public comments on these new “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” through the end of May 2011.

According to a spokesperson for the CA/Browser Forum, “Representatives of the major browser suppliers and Internet certification authorities have long recognized the need to establish and enforce common standards for assurance across the industry. The current draft of the Baseline Requirements represents an initial step in that direction. We welcome input from others with expertise to share. And we expect to continue to enhance these requirements as the threat landscape evolves.”

During the public comment period, the CA/Browser Forum encourages discussion of the draft requirements on the Mozilla Dev-Security-Policy discussion list at http://groups.google.com/group/mozilla.dev.security.policy/topics. Those desiring to comment directly to all members of the CA/Browser Forum, but not specifically for purposes of open public discussion on the Mozilla list, may send email to questions@cabforum.com.

Following adoption of Version 1.0 of the Baseline Requirements, the CA/Browser Forum will request that all browser and relying party application software developers incorporate the Baseline Requirements into their accreditation and approval schemes as requirements for all applicants who request that a self-signed root certificate be embedded as a trust anchor in their software.

The CA/Browser Forum also intends that the ETSI ESI Committee and AICPA/CICA Task Force on the WebTrust Program for CAs will coordinate revisions to their respective audit standards such that the Baseline Requirements will become auditable requirements starting in June 2011.

QuoVadis and Cloud Security Accreditation

Tue, 22 Mar 2011 04:52:00 GMT

Barry Kilborn, QuoVadis Chief Risk and Compliance Officer has achieved a new certification from the Cloud Security Alliance, one of the first accreditations dealing with the security challenges of the fast evolving cloud computing model.

“Cloud computing” is a metaphor for Internet-based services, with the name derived from the cloud image used to represent the Internet in computer network diagrams. The idea of cloud computing is that subscribers can access customisable software, storage, or servers from a shared service over the internet, rather than operate the technology on computers in their own premises. The cloud model provides many benefits, ranging from rapid scalability to lower costs as subscribers only pay for the resources they use.

QuoVadis has provided extensive virtualisation and managed hosting services in Bermuda since 2003 from its high availability SecureCentre data bunker. Recently, the company announced a bold expansion with the construction of a new multimillion dollar hosting facility in downtown Hamilton, providing both dedicated hosting and infrastructure on demand services. The new datacentre is tailored for the next generation of high density technologies – such as cloud computing – with an advanced architecture to support clients’ high standards for energy efficiency, resilience and uptime.

According to Gavin Dent, CEO of QuoVadis Services, “In these challenging economic times, companies are actively pursuing the increased agility and cost saving benefits of managed datacentre and infrastructure on demand services. But as their sensitive data and transactions are outsourced, companies also need assurance that their hosting and cloud solution providers are skilled in the security controls used to increase reliability and trust.”

“With our corporate background in Internet security, QuoVadis has a long track record of operating to world class standards for security and availability, and for maintaining demanding external audits of its performance. This provides enhanced comfort for companies that are considering QuoVadis SecureCentre for their managed hosting and infrastructure on demand,” continued Mr. Dent.

Mr. Kilborn oversees all security practices at QuoVadis, including enterprise risk management. Mr. Kilborn has over 13 years experience in IT risk and assurance having previously served as a Senior Manager for Ernst & Young. In addition to the Certificate in Cloud Security Knowledge (CCSK), he is a qualified Chartered Accountant, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Privacy Professional (CIPP). He is president of the Bermuda Chapter of the Institute of Internal Auditors (IIA).

Mr. Kilborn says, “Cloud technologies offer exciting opportunities for companies to increase their flexibility and reduce costs. But the old responsibilities for data protection, compliance and security are even more important. Internationally, QuoVadis has developed a strong reputation in the field of online security so it’s natural for us to focus on compliance and risk management as we expand our offerings in datacentre and cloud services, with our best practices verified by external experts in the field. ”

QuoVadis designed its new SecureCentre datacentre and cloud services taking into account established standards from the Cloud Security Alliance, the National Institute of Standards & Technology (NIST), the International Organisation for Standardisation (ISO) and the BITS Financial Services Roundtable, among others.

For more information about QuoVadis SecureCentre hosting solutions, please visit here.