Q: Can you please provide our readers with a brief background of the company?

 

ES: Entrust helps protect identities and information — that is our core value proposition and those are really the two most valuable assets that you have from a security perspective. Their use is so strongly interlinked that it’s helpful that Entrust addresses those in a cohesive fashion. We have about 1700 customers today and they are concentrated in the financial and government sectors although we do spread into other large enterprises as well. It’s not too surprising that from a pure play security vendor our focus will be financial and government early on because they both tend to be the vertical where security problems are the most acute and the pressure to act is most significant. We’ve been in business since 1994,we had our IPO in 1998, have about $100 million in revenue annually and are currently debt free. PKI - Public Key Infrastructure has really been our roots we’ve evolved almost since than to expanding the solution set. The two major expansions of notes are adding/ extending the range of authentication options that we provide so that there is a spectrum of choices from username and passwords all the way up to PKI with some other choices in between. We’ve added fraud detection as a way to supplement authentication and we have also built some information protection solutions  that optionally leverage the PKI. So that things for securing mail and securing folders that gives us a portfolio that lets customers address security in a layered approach. So, we’re not trying to deploy one solution that fits all needs, but rather layer in a number of solutions that help boost the overall security of the environment. 

 

Q: Would you say that this past year has been a good one for Entrust and if so, why?

 

ES: Absolutely. We have had positive results financially, but we also saw very strong results for PKI, in particular, which is a core strength for Entrust. Interestingly from 2006 to 2007 we saw 40% license revenue growth for PKI solutions alone. We have really seen that emerge as a result of increased adoption in strong authentication. PKI is really attractive for things like enterprise authentication for smart cards and building access and so on. But also because of a number of government initiatives related to identity credentials for employees as well as citizens.

 

Q: To follow up on that point. The company recently announced the launch of the most advanced iteration of PKI to date in Entrust Authority 8.0. Can you please elaborate on this and how the Authority 8.0 helps to secure borders and protect ePassport initiatives?

 

ES: Entrust Authority is our core PKI platform and the focus of the 8.0 release is laser sharp on the government eID and ePassports space specifically. As your readers may already know, governments have been gradually putting electronics onto the passports themselves to provide more information to inspection stations at borders so that the information can be verified and the passport can be more trustworthy. We have been through one generation already of electronic passports deployed in numerous countries, including the US for example where there is some biometric data stored on an RFID chip on a passport. That’s digitally signed data so it cannot be tampered with. The next generation of electronic passports are already in the planning stages in Europe specifically. Those passports add a layer of privacy protection around the biometric data on the passport enabling more data to be put on that passport because the inspection station needs to authenticate itself to the passport before any sensitive data will be released. The engineering in supporting that kind of passport is quite extensive. It’s new technology in a lot of ways for anybody in the PKI space, so we’ve invested heavily to support that capability, support a full stack so that you can deploy various servers in an ePassport environment as well as the inspection station capabilities of the places, the servers at airports or border crossing points where passports will be verified. So really the focus is to address this market of global governments who will be moving to the second wave of ePassports and need specialized PKI infrastructure that’s been standardized by the ICAO to support these unique requirements.

 

Q: You mentioned that financial and governments were very important vertical markets for the company in the early stages. What vertical markets are you concentrating on now and where are you seeing the greatest growth?

 

ES: Well, I’ll answer your question in two ways. Certainly the financial and government vertical markets are still growing and they are very important. So the government vertical is still growing in new ways whereas over the last few years we saw growth in the government space because of employee and contractor credentialing projects such as the HSPD 12 initiative in the US and some more initiatives globally. We are starting to see a fresh wave of growth related to large scale ID projects so we have done national ID programs in a number of countries, such as Spain. We have been doing Passport projects in countries like the US and we are seeing a range of these projects on the radar now that is a big priority for governments. In the finance space there has been a lot of pressure in the last year or two to improve the state of consumer authentication and do that in a non intrusive way. We are seeing a lot of demand for a combination of our authentication layers as well as our fraud protection layers and that market continues to grow because of the phishing threat. We are seeing phishing attacks are on the rise and customers need to deal with that. Beyond those two verticals which continue to be strong for Entrust we are seeing growth in other large Fortune 500 enterprises so you start thinking about the Energy vertical, utility vertical, these types of places where the information assets are very sensitive or the access controls are very important and those organizations are starting to move towards stronger authentication. A lot of organizations were using usernames or passwords or something else that is fairly weak for authentication or they are getting tired of carrying around certain types of physical credentials for users that are looking at a refresh. So smart cards projects are big, value of a combined physical logical access is big, and securing a remote access is big because of the PCI pressures from the credit card industry.

 

Q: Are there partnerships or alliances that are proving to be important for the growth of your company?

 

ES: Absolutely, we don’t live in isolation in these environments, in particular around the authentication base and Entrust doesn’t make cryptographic hardware. So in a lot of these projects where smart card or other types of crypto chips or other types of hardware security modules are being used we certainly relied on partnership with the likes of SafeNet,nCipher, ActivIdentity and Gemalto and any other typical players in hardware space to deliver the hardware component of these solutions. That’s absolutely essential.

 

Q: You just also recently announced, “IdentityGuard OTP tokens secure access to corporate resources for remote workforce”. Can you please describe this for us?

 

ES: That was a customer announcement related to a life insurance firm called Universa, and the challenge they had was to authenticate employees for remote access for a VPN as well as Outlook Web Access, which is a fantastic web based interface into your Microsoft Exchange environment. The typical way that organizations deploy these solutions, the traditional ways, is to use usernames and passwords for this, more and more because of common sense or because of PCI pressure they are looking for a second factor of identification. So what we offer is a spectrum of choices for strong authentication and these can all be mixed and matched using our communication platform. You don’t have to put all the users on a particular type of credential. It gives the customers a lot of flexibility — in this case Universa put approximately 900 users onto Entrust’s IdentityGuard OTP tokens for example. These are tokens where you press a button on the token and receive a one time password, which you than enter into the VPN identification prompt or into web access identification prompt. We are seamlessly integrated into the VPN brands that are dominant, into Outlook Web Access and that makes it really easy for customers like Universa to add strong authentication into a remote access environment.

 

Q: So, what’s next for Entrust?

 

ES: Well lots of things, we still have a lot of opportunity and a lot of capability to come with respect to electronic identities for governments, from the passport perspective as well as credentialing. I think what you’ll see is the expansion in the range of form factors that we offer in our authentication platform and our customers are starting to ask about enterprise use of federation technology so that they can leverage credentials from other organizations inside theirs. That is something Entrust has supported for a long time and it’s starting to hit the enterprise in ways that were not necessarily predicted for federation technology when it started up a few years back.