Implement homomorphic encryption on server keys

The Client

Leading Bulgarian company in the field of software development, needed a system to securely store and manage their secrets, and remove the secrets storage from 3rd party programs such as Servers for Automation.

The Case

Our team implemented a server for storing and managing all types of secrets in the customer’s company. The server was configurated to provide homomorphic encrypted keys only to employees with rights to access them. We established integration with the Domain controller of the company, in order for employees to be able to access the secret engine server with their corporate logins.

A tailored plugin for the automation server was developed by our team, for the needs of the client company to verity that no sensitive data will be stored in automation server, and none of it will be shown in the logs of the execution.

An extra layer of security was implemented, by ensuring that employees will have rights to use automation server only for a limited amount of time, via renewable homomorphic encrypted keys, which are fully trackable if needed.

Full documentation and training, created by our team has been provided, on the new server and it’s use to our client’s employees.

Outcomes

  • Eliminate more than 40 hardcoded/embedded secrets
  • Real-time ability to track who and where is using a secret
  • Enhanced cyber-protection on secrets around the company
  • Gaining an additional layer of defense
  • Increased ability to meet corporate security objectives by employees
  • Security hardening of the entire infrastructure, which would prevent from data and information leakages