KeyTrust was founded in Australia 16 years ago. The company has traditionally been recognised as a developer and provider of managed security services for vertical markets, such as health, legal, manufacturing, financial services and government. KeyTrust consists of four divisions that cover the complete spectrum of organisation security requirements:

KeyTrust Managed Services     Lowers costs by providing large-scale     community-of-interest secure services     amortised across multiple communities	KeyTrust Security     Delivers best-of-breed     security products and related     professional services
KeyTrust Consulting     Delivers consulting services that cover     the complete security and trust value chain	KeyTrust Asia     Delivers Australian technology     and managed services into     the Asian region

Secure Virtual Private Networks (VPN) enable site-to-site (for distributed branches/offices) and client-to-site (for remote user access) interconnection across the Internet. KeyTrust supplies and integrates a complete range of components required to implement VPN's, including network routers (ATI Teltrend, Cisco), security gateways (Alcatel/TimeStep) and firewalls (Nokia and Checkpoint).

VPN-specific security functions are provided, employing encryption protocols (primarily IPSec) and tunneling, as well as virus scanning and intrusion protection software solutions. Customers requiring more advanced network security features are offered token devices (GemPlus, DataKey & Rainbow iKey etc), digital certificates (Entrust Technologies), as well as desktop security services such as file and directory encryption along with integrated secure email firewalls considered critical in the mobile environment many senior company executives are operate today.

A typical engagement will require KeyTrust to configure and install the network on behalf of customers. Additional ongoing services include 24X7 network monitoring via KeyTrust's network operations centre, as well as maintenance and support.

KeyTrust is building a 'trusted transaction fabric service' designed to facilitate cost-effective and highly secure relationships within and between communities-of-trust. The service addresses a growing recognition by many organisations of the need to develop robust and universal security solutions at the network architecture level, rather than persevering with a fragmented approach to information protection.

KeyTrust has brought together a number of service providers and technology partners that are each "best of breed" in their respective areas. These modules often employ technologies with a high degree of complexity, requiring specialised resources to integrate, deploy and manage. KeyTrust supplies these services on an ongoing basis and, once implemented, they confer cost-effective security with a high level of reliability and transparency from an end-users perspective.

The core engine of the managed solution is centred on a PKI and Transaction Coordination facility. This turnkey service enables clients to rely on a trusted third party to verify the identity of parties to a transaction, utilising an authenticated and 'signed' digital certificates.

To obtain access to a client's network, an end user will connect to any ISP or private IP network, request network access from the client's security gateway and present their digital certificate. This is sent to the Certificate Authority (KeyTrust's) data centre for validation. If the user is authenticated, a closed encrypted session is established between the user and the client's gateway, thereby protecting the integrity and privacy of the information exchanged throughout the transaction.

KeyTrust also offers clients a range of local and centralised key management services including full key life cycle support (issuance, revocation and renewal), private key recovery and access to encrypted files in the event of corrupted, lost or expired keys.

Communities-of-interest networks (COINs) are the critical enablers of trust within and between extended membership groups. KeyTrust's policy-based directory service enables finely granulated on-demand validation of network access service requests by, often disparate, on-line community members (i.e. employees, suppliers, partners and customers), at the Intranet, Extranet and Application Service Provision levels.

KeyTrust maintains the directory functions from its centralised SDC facility, and provides security administrators with a single interface Customer Support System (CSS) accessible from any web browser to access their own community directory, monitor user activity and update access policies in real-time. Once registered, users receive a personalised menu of the services they are entitled to access.

Non-repudiation is the inability to disavow transaction and, in the absence of traditional paper-driven processes, it is imperative to establish a secure electronic receipting system. KeyTrust's notarisation, time-stamping and receipting service enables electronic transactions to be transparently and digitally signed by the user, and proves to the Relying Party that the user did in fact originate and approve the transaction. These proofs are formally acknowledged and then recorded in a reliable third-party receipt vault (KeyTrust Document & Receipt Vault).

KeyTrust provides a range of secure and trusted document delivery, archival and management services that overlay an organisation's network architectures, and provide tools for managing documents in a dynamic workflow environment.

KeyTrust's Electronic Data Vaulting service enables clients to employ secure back-up solutions and tamper-proof long-term storage of data and records. Information, which is most often encrypted, can be archived locally or transmitted to KeyTrust's secure data hosting facility.

The storage service, which utilises Valicert's Document Authority software product, is built on an Oracle 8 database, and is compatible with FTP and SHTTP standards. Network administrators can manage (upload and download) corporate data via any browser interface, with appropriate security and access control functions built into the system.

KeyTrust provides information management services under its PKI service offering. According to IDC, 10-15 per cent of an organisation's revenues is spent creating, managing and distributing documents. At the same time, 80 per cent of these documents are stored on local hard drives and are therefore inaccessible to the organisation unless recreated on paper. KeyTrust's repository service allows users to share, store and exchange electronic documents over the Internet, using the concept of users, groups and roles to manage and attach ownership to documents, folders and messages. Based on a specific set of permissions, companies can efficiently and securely route information between customers, partners and employees. Digital receipts provide legal-grade evidence for every event during the transaction.

KeyTrust SecureMail enables users to send secure email anytime, anywhere, transparently. No extra steps or clicks are required.

An employee at a corporation can use KeyTrust SecureMail to send secure email to recipients within or outside of the enterprise. After the sender composes the email, he or she simply types recipient’s email ID and clicks the Send Secure button, which automatically encrypts the email using the email address. KeyTrust SecureMail does not require pre-enrollment of users email; even if the recipient has never used KeyTrust SecureMail, he or she is sreceive secure email.

The first time a user receives an encrypted message, he or she clicks on a link in the message header and downloads the KeyTrust SecureMail client. He or she then proceeds to enroll and authenticate to the appropriate SecurePolicy Suite. Upon successful authentication, the SecurePolicy Suite will present the recipient with a private key that is used to automatically decrypt secure mail in the user's mailbox.