Eliminate certificate-related outages fast (2 weeks Contract)

This service contract is designed for organizations that need an emergency, same-day deployment with a secure on-premises PKI with automated certificate enrollment and renewal, for private/internal certificates. I help facilitate and implement a properly architected Certificate Authority and autoenrollment framework to ensure scalable, compliant, and low-touch certificate lifecycle management from day one.

1. Deploy a PKI extremely fast (under 1 day) - a temporary or permanent

   • Present the overall architecture - 30 min

   • Adhere to Zero Trust Principles

   • Automation of your choice (eg ACME, CMPv2, SCEP, EST, IoTLW and more)

   • Provide an MFA

   • Set up Separation of Duties and Two-Person control

   • Build a secure architecture with front-end and back-end design to eliminate attacks to your private network, while training on the job and capturing videos for on the spot training.

2. Provide 2-3 days full training - theory and practical to get the team up confident and a functional level. 

3. Daily meetings on "day 2" for log inspections, and ensure secure guidelines are followed. In addition, to guide other non functional requirements, such as bill back to internal business units. 

4. Week two, 

Disclaimer: This is heavily dependent on the organization's technical/operational team to help with same day firewalls configurations, HSM (if the organization requires one), database used in the organization (otherwise PostgreSQL is used), setting up the Servers (eg Linux RHEL). 

I would require the team to be versatile, nimble and agile. This is dependent on how fast the organization works. As part to of my services, I introduce and facilitate the contract with one of the best and competitive price point vendor that is on the market used European Governments. 

For this to work, you would have needed to choice an autoenrollment protocol prior to starting the project. Typically, this is ACME, CMPv2, etc.