Security Best Practices

The ActivID Credential Management System (CMS) has been developed as a security product to provide a high level of security assurance to its owners, operators, and users. HID Global security processes have been implemented to meet the following ActivID CMS security objectives: ensuring the confidentiality, integrity and availability of keys, secrets, and other sensitive identity-related information so that only approved roles can access, manage, or use such information through ActivID CMS and its subsystem interfaces.

Deploying such a security product without controlling and maintaining at all times a secure configuration and operating environment does not, however, provide the assurance that all of the product security objectives are met.

This documentation provides the most important security recommendations for reliably countering threats to the ActivID CMS security objectives. These security recommendations result from extensive experience with smart card solution deployments in a variety of IT-maintained network environments.

By adhering to the recommendations described in this documentation, you should be able to protect yourself against a number of threats that have been identified, but it does not completely guarantee that ActivID CMS and the assets it protects are fully and permanently secured. Deploying and maintaining a secure system involves a sustained effort that requires IT security expertise and cooperation between IT professionals and other network and technical staff to ensure the proper execution and maintenance of security measures.

Topics in this section: