What is a cloud-based digital certificate?
A digital certificate is an electronic document emitted for natural or legal personalities. It associates their identity with a pair of keys: a private key that is kept secret by the certificate owner, and a public key that is shared with any recipient. This pair of keys is generated on a cryptographic device.
As for a cloud-based digital certificate, the cryptographic operations are carried out in a secure HSM server. It is supervised by a qualified Trust Service Provider.
It is as legal as a token-based process of signing. Moreover, it can be far more convenient.
So, what is the future of cloud-based technologies in the sphere of a document workflow?
The COVID-19 pandemic has made adjustments to the imminent process of global digitalization: corporate, industrial, educational, and government organizations are affected. It revealed the shortcomings of digital infrastructures. Applications for holding meetings, working in document management systems, making remote transactions, and signing contracts - all of them have shown inconsistent performance and some technical errors.
Enterprises and institutions had to switch to a remote work format, following the directions of authorities; most of them faced financial meltdown.
However, any crisis is often the starting point of progress: many traditional activities will be transferred online and never return to their previous format.
As for the document workflow, the cloud-based digital signature is becoming quite popular. Presumably, almost all elements of office processes related to documents will be transferred to the remote work and storage format. Even now, many companies exchange documents in the "clouds." Workers can create, store, and jointly edit texts and other files hosted on a remote server. As for a legally significant document workflow, it must comply with the requirements of the law for confirmation of the originality and legitimacy of the document. Many public authorities have accepted files signed by digital signatures. What are the advantages of using "cloud-based" digital signatures?
Advantages of a cloud-based electronic signature
The most apparent advantage is signers' mobility: a person does not have to sit at his desktop to sign and encrypt the document. It means that the user will sign any reports, acts, protocols, contracts, cover letters using various devices - smartphones, tablets, laptops, home computers, at any time. It is particularly convenient for those managers and executives who have to be absent from the workplace due to multiple business trips. Often employees have to wait for their chiefs because they do not have the legal right to sign and send the report.
Data security is one of the priority issues of concern for business owners of any size or heads of public authorities. Losing the key is a problem if you need to sign a document urgently. If the key is stolen, it can be used by fraudsters. However, if you store the signature key on a remote server of the certification authority, these fears are groundless. Despite the myth about the vulnerability of clouds, the keys are stored in a safe place. It is the certification center that is responsible for the safety of the keys. This security is provided by the HSM (hardware and software cryptographic module).
The absence of a token is one of the absolute advantages. The USB token or smart card can be lost or broken, or even stolen. It will not happen with the keys in the cloud. If you notify the Certification Center about the loss of the cryptographic key at once, there will be no serious consequences. However, even if illegal transactions are conducted, you can dispute them in court. But any legal process inevitably leads to time and financial costs.
Cost-effectiveness of cloud-based solutions: to take advantage of new opportunities, there is no need to purchase specialized software (for example, a license for the CSP, since the signing of documents is performed on the side of the certification center). In particular, you do not need a driver with a digital certificate - a token or a smart card.
The next advantage is that the cloud service significantly simplifies the deployment of a document management system with support for digital signatures. All operations go through the API. Moreover, cloud services are often scalable. High scalability means that no additional configuration or integration is required. Unlike traditional implementation, cloud solutions do not require extra equipment and software configuration.
On the whole, the prospects for cloud-based electronic documents and electronic document management are attractive. It is the case when the benefits outweigh the drawbacks.