Totemo Security Platform

Totemo AG has provided secure email, file transfer, and mobile messaging solutions for exchanging information securely since 2001. During all these years, the focus has been not only on data encryption, but also on ease of use and automatic administration. The cryptographic algorithms used by Totemo solutions are the most efficient and secure available. This is not, however, what makes the Totemo products stand out most: at least equally important is how the identities and cryptographic keys involved in data protection are managed. This is what really makes Totemo solutions unique in the data-in-motion security field.

End-users should not have to care about how their data are secured technically. They should be provided with tools securing the data transparently, so that they can concentrate on their jobs. No company employee or member of an organization should be forced to learn how encryption protocols work in order to avoid compromising company data. It is a simple and obvious requirement, but also one that can only be achieved with very well-designed identity and cryptographic material management systems. Totemo solutions need to know exactly who (system or user) is communicating with whom at all times and how strongly the parties have been authenticated. This is where the Totemo Security Platform (TSP) comes into play: it takes care of the most important functions in strategic fields such as identity and key management.

Figure 1 – The main characteristics of the Totemo Security Platform (TSP)

The TSP is also intended to be a full-fledged Enterprise Key Management (EKM) system. As more data in the enterprise have to be protected, companies find themselves managing a growing number of keys. A disk encryption solution will use keys, as will any SSL/TLS-enabled Web server, or a backup system encrypting the data that it writes on tapes, etc. Each of these systems will come with its own key management functionality, meaning that defining and enforcing enterprise-wide rules will be difficult. Maintenance effort will be higher than it should be because several systems are used for the same purpose. The TSP offers an optimal solution to this problem: it is able to handle not only the keys needed by Totemo solutions, but also all types of keys used by third-party systems, throughout their full lifecycle (creation, deployment, monitoring, rotation, expiration, etc.). Figure 1 shows the environments where the TSP can be deployed and gives an overview of its functionality. The embedded servers it includes and the main interfaces it offers are also illustrated.

The TSP enables Totemo solutions to be fully transparent by providing, among other features, advanced and intelligent user and key management. New users are automatically created precisely when they need to be, and all the appropriate keys are generated in the process. As soon as a user is no longer needed, for example because they have left the company, they are autonomously removed from the system. No manual intervention is required.

When more than one Totemo solution is in use at a company or organization, identities and keys are managed centrally by the TSP. The end-users thus always use the same credentials, no matter which solution is providing the functionality they are using at a given point in time. From an administrative point of view, any instance belonging to a Totemo solution is administered in one central place, the TSP user interface. The TSP supports direct library integration, messaging, Web services, and client-based batch integration.

The increase in the number of services running in the cloud makes the TSP even more pertinent and necessary. Data kept outside of the company premises must be even better protected. This constraint increases the number of keys a company or organization has to manage, making an efficient Enterprise Key Management system more needed than ever. The TSP was also designed for the cloud because the Totemo solutions are available as cloud services (through Totemo partner companies).

Totemo is bringing some exciting new features and products at the end of 2010. They are based on the TSP and demonstrate how this platform contributes to keeping Totemo at the forefront of innovation. New solutions can be brought to market faster and in a more consistent and integrated way. The current portfolio is maintained and developed efficiently, and the most interesting and important features are immediately shared between all Totemo solutions.