ADCS ACR
-
Automatisation of certificate revocation (blacklisting) in organizations where a Microsoft Active Directory and PKI infrastructure is implemented. Typical certificates are certificates for Wifi, VPN or Mail. No limit in how many different certificate types can be handled. Revocation is based on state of object in Active Directory (removed, locked, disabled).
-
Report: is sent out via mail if an error or malfunction occurs to chosen personnel
Benefits:
-
Security enhancing: If a computer goes missing you want to know that nobody can re-use the certificates and connect to the company network or send signed mail on behalf of somebody else.
-
GDPR compliance: When an employee quits his/her job we need to make sure not to keep any reference of user information laying around especially not cryptographic keys that legally binding for that user and potentially damaging if it gets in the wrong hands.
-
No manual interaction: Before, IT administrators needed to perform this task manually (when a computer goes missing, employee quits or chances positions etc.) and it would get missed or overlooked a lot of the times.
-
Trust: Now you can rely on the company’s certificate more since you know that all certificates that a valid actually belong to active computers and employees.
-
Auto Reporting: Reports sent through customer mail system.