GUIDEBOOK
ENTRUST DATACARD
PROGRAM: SECURITY AND INFRASTRUCTURE
DOCUMENT R54  MARCH 2017
ANALYST
Seth Lippincott
Nucleus Research Inc. 100 State Street Boston, MA 02109 NucleusResearch.com Phone: +1 617.720.20001
March 2017  Document R54
THE BOTTOM LINE
Entrust Datacard provides customers with a commercial
security public key infrastructure (PKI) solution that addresses
authentication and data protection needs for enterprise and
government customers. Nucleus analyzed the experiences of Entrust
Datacard customers in these sectors and found that customers were able to reduce
risk, improve security information auditing, increase end user productivity, and
reduce IT staff costs.

THE BUSINESS CHALLENGE
In an increasingly complex omnichannel digital world, businesses need to be able to
operate with confidence despite constantly evolving network environments and
security threats. The expansion of mobile, web, and cloud is changing how
information is accessed and shared, requiring network security capabilities that can
keep pace. With the new digital paradigm of constant access from any device and
any location, companies are looking for robust and scalable solutions that can help
them manage their network integrity.
One way companies can maintain network security is by implementing a public key
infrastructure solution. Public key infrastructure (PKI) is the system of policies,
procedures, and roles that provide and manage digital signatures and public-key
encryption. PKI establishes and maintains digital keys and certificates in a network
environment, ensuring only those with proper authentication have access. As the
velocity and complexity of modern enterprises have increased, companies have
required PKI capabilities that are more flexible and responsive to a growing number
of scenarios.
With the myriad of enterprise applications and network configurations, many
companies elect to turn to a managed PKI service provider, so they can focus on
their core competencies. With a flexible yet consistent managed trust environment,
companies can focus on running their businesses regardless of access point and
location.
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
2
March 2017  Document R54
THE SOLUTION
Entrust Datacard PKI provides a trust infrastructure that allows organizations to
verify both sender and recipient identity, and ensure that the communication
between both parties remains verified, uncorrupted, and accessible only by them.
The vendor’s common management solution enables users to issue, provision,
manage, and authenticate the digital identities of both users and devices from one
platform. In addition to deploying as an on-premises solution, customers can
leverage the scalability and flexibility of a cloud offering. Entrust Datacard’s
managed PKI service offering allows companies to focus on day-to-day operations,
rather than maintaining secure access across devices and organizational access
points.
Importantly, customers often require PKI solutions to offer extensive flexibility to
address enterprise concerns across departments and to meet the needs of personnel
at every level of the organization. Entrust Datacard provides the horizontal
infrastructure customers need to support diverse network ecosystems. Customers
leverage the vendor’s extensive expertise deploying and managing PKI solutions,
having developed its proficiency since launching the first commercial PKI product.
Moreover, customers can work with the vendor to identify areas requiring key
customization both prior to and after deployment. In order to future-proof their
environments, customers can leverage the solution’s scalability to ensure the
solution matches their evolving security needs with both on-premises and cloud
deployments.
To better identify the reasons that led customers to choose Entrust Datacard, as
well as the benefits that customers have experienced from using the product,
Nucleus took a closer look at a group of customers across different industries.
WHY ENTRUST DATACARD
Nucleus found that customers chose and stayed with Entrust Datacard for its
breadth of functionality, flexibility, reduced IT burden, and responsive customer
support. For example, customers leveraging electronic data interchange (EDI)
services had their security needs met by the capabilities of Entrust Datacard’s PKI
solution. These customers, who were looking to establish a trust environment across
all the access points within their EDI systems, took advantage of the product’s
flexibility. Additionally, Nucleus found that legacy customers continue to renew
their product licenses rather than seek out competing solutions because the
vendor’s customer service team continually address their needs and support their
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
3
March 2017  Document R54
deployment. With the help of Entrust Datacard customer support staff,
organizations can eliminate issues readily without requiring extensive IT
involvement.
BREADTH OF FUNCTIONALITY
One of the most-cited factors that led customers to choose Entrust Datacard is the
number of capabilities offered by the product. Organizations were looking to invest
in a single service that could address authentication and data protection needs
across departments and devices. In addition to extensive functionality, customers
sought responsive customer service to address any issues and deep knowledge of
the solution. Customers said:




“After some soul searching to identify our needs, it didn’t take much looking
around to see that Entrust Datacard was the only one with all of the
capabilities we wanted.”
“Whenever the rare issue comes up, we’re always comfortable giving Entrust
Datacard a call and getting their help to resolve it quickly.”
“With [Entrust Datacard’s] common interface, we had the flexibility to mix
soft certificates and token-based certificates at different levels.”
“The main goal was to extend the use of certificates as wide as possible in
public e-services.”
FLEXIBILITY
When considering PKI solutions, customers said they wanted a product that had
flexible configuration options to ensure maximum organizational efficiency.
Customers needed a solution that would help personnel comply with security needs
without requiring extensive IT involvement. Customizability was also cited as a way
to drive user adoption via reduced learning curves. Customers said:



“Our stakeholders agreed that with the ability to configure our PKI as much as
possible, we were making the right choice.”
“Entrust Datacard’s involvement in tailoring our deployment to meet our
specific needs honestly made a difference.”
“Regardless of how an employee uses Entrust Datacard, we’re content with
having them use a product that took our concerns and put them at the
forefront.”
REDUCED IT BURDEN
Prior to deploying Entrust Datacard, customers said IT departments were overencumbered by the diverse security needs brought on by several security solutions
across devices and departments. Customers were looking for a one-stop-shop
product that would enable IT departments to have a common solution with which to
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
4
March 2017  Document R54
assist personnel across devices and departments both initially and on an ongoing
basis. Customers noted:



“The common interface was frankly a key selling point for us from an IT point
of view.”
“Our IT teams continue to express their appreciation of Entrust Datacard to
this day.”
“Without assigning a dollar value to it, I’m sure that our IT personnel are able
to dedicate time to more tasks than before.”
KEY BENEFITS
Nucleus found that Entrust Datacard customers leveraged customized deployment
strategies for implementations ranging from on-premises to hybrid (some cloud
features and others on-premises) and, as a result, experienced noticeable benefits.
The most cited benefits among customers included reduced risk, increased end user
productivity, improved security information auditing, and reduced IT staff costs.
REDUCED RISK
Entrust Datacard customers said they like the extensive capabilities offered by the
product. Beyond this, they particularly appreciate that the solution provides the core
confidentiality and secure authentication that they needed. Nucleus found that
customers reported clear gains regarding confidentiality and cited markedly lower
instances of security breaches.
Customers reduced the probability of a risk event by
an average of 62 percent.
Worth noting, customers were able to achieve these levels of reduced risk without
having to employ additional modules to augment the offering. Customers said that
had they chosen competing solutions, they would have been required to also
purchase external modules to achieve the same level of reduced risk.
Customers reduced the probability of a risk event by an average of 62 percent. Risk
was reduced directly as a result of improved confidentiality and secure
authentication. Customers said:


“Confidentiality of information has no doubt improved, especially with how
well Entrust [Datacard] integrates seamlessly with the products we use.”
“There’s no question that we now have an extra layer of protection on every
process.”
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
5
March 2017  Document R54



“Conversational topics are encrypted and won’t ever be eavesdropped on.”
“Without Entrust [Datacard], the authentication risks would’ve been
staggering.”
“Based on the usage of digital certificates, the personal data protection and
trust have increased.”
INCREASED END USER PRODUCTIVITY
Nucleus found that end users saved an average of 85 hours a year as a result of their
deployments. This translates to 4.3 percent of total work hours saved, with some
customers experiencing greater savings. Regardless of industry, customers
experienced significant time savings by relying on Entrust Datacard for their PKI
needs.
Using the solution, customers optimize processes, which yielded reduced
authentication times. This fostered an increased ability to focus on critical business
needs. Importantly, authentication processes were accelerated without sacrificing
their security posture. Users experienced time savings in day-to-day operations
from Entrust Datacard reducing the need for manual user involvement and did so
while reducing errors that could result from manual processes. Customers noted:




“Using Entrust [Datacard], our government customers are able to save at least
five minutes per e-mail. That adds up a lot over time.”
“The electronic way of internal and external communication with the use of
digital certificates has had a positive impact on productivity.”
“When you can take away the number of hoops people have to jump through
just to go about their day, they can do so much more.”
“Once they get over that initial learning curve, it’s very likely that our staff
saves some serious time.”
IMPROVED SECURITY INFORMATION AUDITING
Customers said the ability to audit access information from prior years was
invaluable. With some customers needing to be able to find information more than
15 years old for compliance and other reasons, they said that the solution’s
capabilities were crucial in that regard.
Entrust Datacard streamlines compliance for customers by providing a single place
to get audit data, allowing customers to do so without needing another solution to
aggregate the data. Accordingly, this results in reduced time spent pulling audit
data and optimizing common mechanisms across devices and departments.
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
6
March 2017  Document R54
Customers said the solution increased organizational visibility over retained data,
saving them resources that, without Entrust Datacard, would have been necessary
to address legal ramifications associated with compliance. Therefore, improved
security information auditing was widely recognized as a key benefit for most
customers. Customers noted:





“As far as we are concerned, Entrust [Datacard]’s ability to maintain key
history is the kind of distinguisher that makes our choice worthwhile.”
“It’s difficult to quantify in exact dollars what exactly we would lose if we
couldn’t see access data from years ago, but I have no doubt it’d be huge.”
“Being able to see that fifteen-year-old data is absolutely a clear-cut benefit for
us.”
“None of the other major options we considered offered this capability so we’re
obviously glad we picked [Entrust Datacard].”
“Migrating our data [to another solution] would be too expensive and pointless
for us now. We love the fact that we already have a clear picture of historical
usage.”
REDUCED IT STAFF COSTS
Since deploying Entrust Datacard, customers said that they were able to reduce the
need for IT involvement. Customers were able to reduce personnel costs by an
average of half of a full-time IT employee, with some users noting additional cost
reductions from even less IT involvement. Costs were also reduced with regard to
the amount of IT resources that were needed prior to using a common solution
across devices and departments for organizational PKI needs. Customers said:



“Moving to [Entrust Datacard] easily saved us 400,000 to 500,000 in people
and hardware that were indirectly linked to the PKI solution.”
“At our company, anything that requires public trust is protected by Entrust
Datacard and that saves us time and money that we would’ve otherwise
needed to allocate to IT.”
“We’re spending less on IT because Entrust [Datacard] unites security across
the organization. This means our IT staff can focus their energy on fewer
products.”
BEST PRACTICES
Organizations that leverage PKI solutions with the ability to audit security
information, meet compliance needs, and reduce manual involvement for users
stand to experience continued time and cost savings. Significant savings can come
from streamlined access to historical data needed for legal reasons and from having
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
7
March 2017  Document R54
a common solution to address all organizational security needs. By choosing a
common solution across devices and departments, customers are also able to better
future-proof. This is especially true after leveraging the flexibility of a common
solution to streamline compliance processes and daily user access itself.
Taking the time to identify long-term needs is an essential part of a successful PKI
deployment and one of the best ways to anticipate potential obstacles. With Entrust
Datacard PKI and the wide range of features it provides to customers, it is vital to
first establish what areas need to be tuned to meet regulations or policies prior to
going live with the solution.
Accordingly, customers that leverage extensive training before implementation are
able to see benefits faster than those who do not. This is especially true with
customers that leverage customer service agents to reduce roadblocks that could
negatively impact productivity.
Growing organizations are always in need of being able to allow newly on-boarded
personnel to hit the ground running. By devoting time and resources to fostering an
internal understanding of their PKI solution, companies take an important step
towards empowering personnel to be evangelists and educators for new users.
Especially with respect to the incoming cloud-forward workforce, being able to cut
down the learning curve can truly pay off in the long-term.
CONCLUSION
Beyond the decision to adopt a PKI solution, customers chose Entrust Datacard for
its ability to provide flexible and robust capabilities that address the needs posed by
the diversity of ways end users are accessing and sharing critical business
information in increasingly complex network environments. With the solution,
customers continue to see benefits in the form of end-user productivity, IT cost
savings, reduced risk, and improved security information auditing.
In addition to customers realizing savings with Entrust Datacard in the form of
organizational time and capital, customers benefit from the solution’s ability to
streamline processes from a common platform that addresses key organizational
authentication and data protection needs. The reduction in security risks delivered
by the solution and the quality customer support delivered by the vendor have built
strong customer loyalty. Customers are confident they can rely on Entrust Datacard
PKI to continue to provide a consistent trust infrastructure across their digital
ecosystem as their needs and use cases evolve in the future.
Copyright © 2017 Nucleus Research, Inc. Reproduction in whole or in part without written permission is prohibited.
Nucleus Research is the leading provider of value-focused technology research and advice.
NucleusResearch.com
8