Corporate & Human Resources

Within many organisations there are legal, regulatory and compliance requirements for data to be accurately documented and signed by one or more people responsible.

Businesses often use desktop software such as Microsoft Office or Open Office to create documents and then often convert these to PDF once finalised. Policies and procedures, monthly reports, project management documents, compliance statements and other data are often output as PDF files. This is generally done for good reasons including (a) to make the document harder to change, (b) to make it easier to view (render) on almost any system (including mobile devices) and increasingly (c) to take advantage of the stronger controls and handling of digital signatures within PDFs.

Many larger organisations also use document management systems to store and workflow the documents for collaboration purposes. However very often this drive to cut out paper by using e-documents draws to an abrupt halt at the stage where document approval is needed, leading to documents being printed to gather approval digital signatures and then re-scanned. An effective end-to-end document workflow system needs an electronic approval capability.

Digital certificates can be used to identify internal users and allows access via IAM systems. They can also enable documents to be digitally signed as part of approval process within document management systems. Such digital signatures provide excellent authenticity, integrity and traceability for documents such as purchase requests, expenses, HR reports, compliance and quality reports, acceptance of new policies and procedures, project management and delivery acceptance. Handling all this information on-line and signed by key individuals ensures that an effective audit trail exists to meet internal controls needs, plus any external regulatory or legal requirements.

WHY ASCERTIA?

There are very good reasons for choosing Ascertia digital signature products for manufacturing and engineering projects and these include:

Ability to approve and apply electronic (digital) signatures to any type of document

Ascertia’s products offer the widest support for digital signature formats and standards and the greatest flexibility in how to implement these. The products support PDF, XML, PKCS#7, CMS, S/MIME and PKCS#1 digital signatures as required to sign business documents.

Ability to provide fast, scalable eID validation

To provide strong identity assurance and to grant access to systems and applications over a mutually authenticated SSL connection, usually working in conjunction with IAM systems

Long-Term Digital Signatures

Ascertia is a clear leader in creating long-term digital signatures which can be verified many years in the future, an essential requirement for most government related data. We support all the ETSI XAdES and CAdES as well as latest PAdES (PDF format) profiles.

Multiple Signing in Options

Different applications have different needs for how digital signatures are created. Some require server-side batch-signing in features, some require digital signatures to be created locally by users that have eID smartcards or secure USB tokens. Others even want key and certificate roaming solutions that offer virtual “smartcards”. Ascertia’s ADSS Server and Go>Sign Applet already provide all these options and more.

Multi-Platform Support

Organisations cannot control which systems and browsers end-users will work with when submitting documents. It is essential the digital signature and encryption solutions work on any platform with any browser and support multi-lingual capability. Go>Sign Applet supports all Windows platforms as well as many Linux versions and has also been tested in various browsers.

More than just digital or electronic signatures / digital signatures

Digital signature creation is only one part of the solution that e-Gov initiatives need – there are also requirements for signature verification, trust anchor management, key management, certification, real-time certificate validation, time-stamping and secure long-term archiving. ADSS Server is unique in being able to address all these requirements in one multi-function server. All these services are based on leading industry standards including OASIS DSS & DSS/X (singing, verification and encryption), RFC 3161 (timestamping), IETF LTANS (archiving), RFC 6960 (OCSP validation), RFC 5055 (SCVP validation), W3C XKMS (validation), etc.