QuoVadis Bermuda News

QuoVadis and Cloud Security Accreditation

Tue, 22 Mar 2011 04:52:00 GMT

Barry Kilborn, QuoVadis Chief Risk and Compliance Officer has achieved a new certification from the Cloud Security Alliance, one of the first accreditations dealing with the security challenges of the fast evolving cloud computing model.

“Cloud computing” is a metaphor for Internet-based services, with the name derived from the cloud image used to represent the Internet in computer network diagrams. The idea of cloud computing is that subscribers can access customisable software, storage, or servers from a shared service over the internet, rather than operate the technology on computers in their own premises. The cloud model provides many benefits, ranging from rapid scalability to lower costs as subscribers only pay for the resources they use.

QuoVadis has provided extensive virtualisation and managed hosting services in Bermuda since 2003 from its high availability SecureCentre data bunker. Recently, the company announced a bold expansion with the construction of a new multimillion dollar hosting facility in downtown Hamilton, providing both dedicated hosting and infrastructure on demand services. The new datacentre is tailored for the next generation of high density technologies – such as cloud computing – with an advanced architecture to support clients’ high standards for energy efficiency, resilience and uptime.

According to Gavin Dent, CEO of QuoVadis Services, “In these challenging economic times, companies are actively pursuing the increased agility and cost saving benefits of managed datacentre and infrastructure on demand services. But as their sensitive data and transactions are outsourced, companies also need assurance that their hosting and cloud solution providers are skilled in the security controls used to increase reliability and trust.”

“With our corporate background in Internet security, QuoVadis has a long track record of operating to world class standards for security and availability, and for maintaining demanding external audits of its performance. This provides enhanced comfort for companies that are considering QuoVadis SecureCentre for their managed hosting and infrastructure on demand,” continued Mr. Dent.

Mr. Kilborn oversees all security practices at QuoVadis, including enterprise risk management. Mr. Kilborn has over 13 years experience in IT risk and assurance having previously served as a Senior Manager for Ernst & Young. In addition to the Certificate in Cloud Security Knowledge (CCSK), he is a qualified Chartered Accountant, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Privacy Professional (CIPP). He is president of the Bermuda Chapter of the Institute of Internal Auditors (IIA).

Mr. Kilborn says, “Cloud technologies offer exciting opportunities for companies to increase their flexibility and reduce costs. But the old responsibilities for data protection, compliance and security are even more important. Internationally, QuoVadis has developed a strong reputation in the field of online security so it’s natural for us to focus on compliance and risk management as we expand our offerings in datacentre and cloud services, with our best practices verified by external experts in the field. ”

QuoVadis designed its new SecureCentre datacentre and cloud services taking into account established standards from the Cloud Security Alliance, the National Institute of Standards & Technology (NIST), the International Organisation for Standardisation (ISO) and the BITS Financial Services Roundtable, among others.

For more information about QuoVadis SecureCentre hosting solutions, please visit here.

QuoVadis Sponsors 2011 Catlin Bermuda End-to-End

Tue, 05 Apr 2011 05:18:00 GMT

In 2011, QuoVadis is again giving as Principal Sponsor of the Catlin Bermuda End-to-End.

The Catlin End-to-End is Bermuda's most popular community fund raising event, attracting more than 2,000 people each year to walk, swim, or ride across Bermuda raising money for local charities. Over the past 24 years, the End-to-End has given more than $3.7 million to Bermuda good causes. Over the years, several members of QuoVadis management have acted as Directors of the End-to-End charity, with extensive involvement in the event's organisation.

Funds raised in the 2011 End-to-End will support the Meals on Wheels, The Family Centre, Windreach, Friends of Hospice, the Multiple Sclerosis Society of Bermuda, Lady Cubitt Compassionate Association, Caron, the Bermuda Duke of Edinburgh Award, Raleigh International, Bermuda Sea Cadets, and the Bermuda National Gallery.

Read more about the Catlin End-to-End, sign up online, or pledge towards participant's "fun raising" goals at www.bermudaendtoend.bm. You can follow the End-to-End on Twitter at www.twitter.com/catlinendtoend.

QuoVadis Advances Trust/Link Enterprise Managed PKI

Mon, 04 Jul 2011 12:48:00 GMT

QuoVadis today released a new generation of its Trust/Link Enterprise managed PKI, providing the features of a custom PKI in a cloud service that can be rapidly customised and deployed.

According to Roman Brunner, CEO of QuoVadis, “Many organisations want to enhance their online security using digital certificates but don’t want the delays, cost or distraction of running their own certificate authority. Using Trust/Link, IT managers can leverage QuoVadis’ world class PKI while maintaining focus on their core business applications.”

With its secure cloud-based infrastructure, Trust/Link easily scales to suit different customer needs for digital certificates that are trusted in major browsers, operating systems, and mobile devices:

SSL Efficiency and Dependable Cost - Trust/Link is a simple solution for organisations looking to fulfil all their SSL certificate needs from one portal for cost and efficiency reasons.
Simplify Digital Certificate Rollouts - Equally, Trust/Link is adept at managing end user digital certificates for access control, secure email, encryption, or digital signatures. Trust/Link allows customisable policies and provides a variety of workflows to suit customer’s business processes, as well as support for tokens/smartcards.
Enterprise Control and Delegation - Using Trust/Link, an organisation can maintain central control while quickly establishing sub-accounts for different business units or projects, each assigned with different certificate types, delegated granular administration, and custom request and approval processes.

Trust/Link uses pre-validated templates of commonly used domains and organisational details to allow straight-through processing by customers. The Trust/Link system also provides detailed reporting and audit tools to enhance customers’ control over the PKI.

Mr. Brunner continued, “Now in its fourth generation of development, Trust/Link is well proven in a range of scenarios, from basic SSL management to corporate extranet rollouts to mass fulfilment under national e-ID programmes. Based on QuoVadis’ experience, we’ve taken the opportunity to further refine Trust/Link’s intuitive user interfaces so that customers can reduce their support tasks. We’ve also expanded the configuration and workflow options available to our customers. We are confident that Trust/Link Enterprise is the most flexible managed PKI service on the market today.”

About QuoVadis
Founded in 1999, QuoVadis is a leading international certificate authority. QuoVadis digital certificates and time-stamps are used to identify users and devices, to ensure privacy and to protect data integrity using encryption, and to create legally valid electronic signatures. QuoVadis was an early member of the CA/Browser Forum and its certificates are trusted by default in all major browsers and operating systems, as well as Adobe Acrobat.

QuoVadis has held the WebTrust seal for more than six years, and is a Qualified certification service provider in Switzerland, Holland, and Bermuda. QuoVadis is also an authorised provider of certificates for SuisseID, the EU Grid academic computing network, the Dutch PKI Overheid and e-Herkenning programmes, and HM Revenue & Customs Secure Electronic Transactions (SET). To find out more about Trust/Link or to request a demonstration, please visit http://www.quovadisglobal.bm/CertificateServices/ManagedPKI/TrustlinkRA.aspx.

CA/Browser Forum Releases Draft “Baseline Requirements” for SSL

Mon, 11 Apr 2011 08:53:00 GMT

QuoVadis is a longstanding member of the CA/Browser Forum, a group of leading Certification Authorities and software vendors.

Acknowledging the growing importance of SSL digital certificates for security on the Internet, in 2007 the CA/Browser Forum created the “Guidelines For The Issuance And Management Of Extended Validation (EV) Certificates”. The EV Guidelines were the first industry-wide set of standardized procedures for verifying and expressing the identity of an SSL/TLS certificate holder. QuoVadis has been audited for compliance to the EV Guidelines since 2007.

Alongside the EV work, members of the CA/Browser Forum have collaborated over the last two years to develop a broader set of baseline requirements covering the validation and issuance of all SSL, including both Domain-validated (DV) and Organisation-validated (OV) SSL.

The CA/Browser Forum is now seeking public comments on these new “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” through the end of May 2011.

According to a spokesperson for the CA/Browser Forum, “Representatives of the major browser suppliers and Internet certification authorities have long recognized the need to establish and enforce common standards for assurance across the industry. The current draft of the Baseline Requirements represents an initial step in that direction. We welcome input from others with expertise to share. And we expect to continue to enhance these requirements as the threat landscape evolves.”

During the public comment period, the CA/Browser Forum encourages discussion of the draft requirements on the Mozilla Dev-Security-Policy discussion list at http://groups.google.com/group/mozilla.dev.security.policy/topics. Those desiring to comment directly to all members of the CA/Browser Forum, but not specifically for purposes of open public discussion on the Mozilla list, may send email to questions@cabforum.com.

Following adoption of Version 1.0 of the Baseline Requirements, the CA/Browser Forum will request that all browser and relying party application software developers incorporate the Baseline Requirements into their accreditation and approval schemes as requirements for all applicants who request that a self-signed root certificate be embedded as a trust anchor in their software.

The CA/Browser Forum also intends that the ETSI ESI Committee and AICPA/CICA Task Force on the WebTrust Program for CAs will coordinate revisions to their respective audit standards such that the Baseline Requirements will become auditable requirements starting in June 2011.

QuoVadis Achieves Sixth WebTrust Seal

Wed, 27 Apr 2011 01:06:00 GMT

QuoVadis has successfully completed its sixth annual WebTrust Seal of Assurance for Certification Authorities audit, conducted by Ernst & Young. In addition QuoVadis has renewed its WebTrust accreditation for Extended Validation (EV).

“As a leading international provider of Digital Certificates, QuoVadis is firmly committed to international certifications like WebTrust that validate the security of our PKI solutions and our compliance with industry best practices,” said Barry Kilborn, Chief Risk and Compliance Officer of QuoVadis.

WebTrust was established by the American Institute for Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA) as a code of practice for Certification Authorities (CAs) issuing publicly trusted Digital Certificates. The audit covers practices surrounding customer authentication; security surrounding the CA infrastructure, business continuity, and handling of customer data.

WebTrust for EV was created to qualify CAs to issue Extended Validation SSL Certificates under the standards maintained by the CA/Browser Forum (http://www.cabforum.org) for enhanced authentication of the identity of a website’s owner. QuoVadis was one of the first providers to qualify to issue EV SSL in 2006.

In addition to its WebTrust Seals, QuoVadis is accredited as a Qualified Certification Services Provider (CSP) in Switzerland, Holland, and Bermuda under ETSI TS 101.456 and other relevant standards.

For more information, please visit QuoVadis’ accreditations repository.

Bermuda Businesses Should Review Hurricane Plans

Tue, 19 Jul 2011 03:21:00 GMT

With Tropical Storm Bret kicking off the 2011 hurricane season, Bermuda disaster recovery specialists QuoVadis remind all local organisations of the importance of creating business continuity plans.

According to Gavin Dent, CEO of QuoVadis Services, “Every organisation should take the time now to think through their planning for storms that might disrupt normal business operations. It’s simple insurance to be able to respond to staff and customers even during challenging conditions.”

For example, what will your organisation do if the office has no power or is inaccessible for an extended period? How will you communicate with staff and customers? How will you protect your data and technology during power outages? Do you need alternative secure workspace for critical staff with guaranteed power and connectivity? Have you documented and tested plans in case your key personnel are unavailable during an incident?

“Following Hurricane Fabian in 2003, Bermuda was painfully reminded of the value of solid disaster recovery preparations. After eight relatively quiet storm seasons, it may be time for organisations to revisit their plans to ensure they can snap back to normal business operations in the event of a local emergency,” continued Mr. Dent.

The NOAA Climate Prediction Center predicts an above-normal hurricane season in 2011 with 12 to 18 named storms of which 6 to 10 could become hurricanes, and 3 to 6 could become major hurricanes (Category 3, 4 or 5).

For more information about QuoVadis business continuity services please visit here .

Executive Breakfast on Business Continuity and Operational Risk Management

Wed, 31 Aug 2011 07:36:00 GMT

QuoVadis and Foreshore are sponsoring an Executive Breakfast Session on Business Continuity and Operational Risk Management on September 13, 2011.

Who should attend?
C-suite executives, IT risk management, business unit managers, CROs, OR management, internal auditors, HR heads, and board members.

What problem does this presentation help solve?
Strategic overview of operational risk management from computer systems failure, people risk, failed business processes, and external events perspective.

The session will be lead by Jay Ranade, an internationally renowned expert on operational risk, computers, communications, disaster recovery, IT Security, and IT controls. He has written and published more than 35 IT-related books on various subjects ranging from networks, security, operating systems, languages, and systems. He also has an imprint with McGraw-Hill with more than 300 books called “Jay Ranade Series”. Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including American International Group, Time Warner, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, and Credit Suisse. He also teaches graduate-level classes on Information Security Management and Ethical Risk Management at New York University. Jay is also adjunct professor at St John’s University and teaches IT Auditing, Internal Auditing, and Operational Risk Management.

Jay is in Bermuda leading a course for the Certified Business Continuity Professional (CBCP) Exam on September 14-15.

Venue: Royal Bermuda Yacht Club
Time: 9:00am – 11:00am. Breakfast will be provided.
Cost of Session: FREE

To register, please contact Greg Adams at 1 (646) 205-9960 or gadams@edeltaconsulting.com.

Certified Business Continuity Professional Training in Bermuda

Tue, 30 Aug 2011 07:21:00 GMT

eDelta Consulting will offer a two-day CBCP (Certified Business Continuity Professional) Exam Training Course in Bermuda on September 14-15, 2011.

This training course is for professionals preparing to take the Certified Business Continuity Professional (CBCP) Exam. In this course, professionals will learn about the 10 Subject Areas of the Professional Practices for Business Continuity Planners as determined by Disaster Recovery Institute International (DRII):

Project Initiation and Management
Risk Evaluation and Control
Business Impact Analysis
Developing Business Continuity Strategies
Emergency Response and Operations
Developing and Implementing Business Continuity Plans
Awareness and Training Programs
Maintaining and Exercising Business Continuity Plans
Crisis Communication
Coordination with External Agencies

NOTE: The course includes lecture and reviews with the main goal of enabling individuals to pass the CBCP exam. Those who do not have the necessary 2 year experience can still attend the classes and appear for the exam but will qualify for Associate Business Continuity Professional (ABCP) certification upon successfully passing the exam.

Instructor Profile: Jay Ranade, CISA, CISSP, CISM, CBCP
Jay is an internationally renowned expert on computers, communications, disaster recovery, IT Security, and IT controls. He has written and published more than 35 IT-related books on various subjects ranging from networks, security, operating systems, languages, and systems. He also has an imprint with McGraw-Hill with more than 300 books called “Jay Ranade Series”. He has written and published articles for various computer magazines such as Byte, Magazine, and Enterprise Systems Journal. The New York Times critically acclaimed his book called the “Best of Byte”. He is currently working on a number of books on various subjects such as IT Audit, IT Security, Business Continuity, and IT Risk Management.

Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including American International Group, Time Life, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, and Credit Suisse. He is a member of the ISACA International's Publications Committee. He teaches graduate level classes at New York University in Information Security Management and Ethical Risk Management. He gives exam prep classes in New York City and globally for CISA, CISSP, CISM, CIA, and CBCP certifications.

Contact Greg Adams at eDelta at 1 (646) 205-9960 or gadams@edeltaconsulting.com to register.

CBCP Exam Training Course
Date: September 14-15, 2011
Venue: The Royal Bermuda Yacht Club, Dining Room 15 Point Pleasant Road Hamilton HM 11
Time: 9:00am – 5:00pm
Breakfast and Lunch will be provided.
Course Fee without Exam: $1,495
Course Fee with Exam: $1,995*
*Proctored exam will be held on Friday, September 23, 2011.

QuoVadis introduces Sign! for SuisseID

Tue, 06 Sep 2011 12:00:00 GMT

QuoVadis has introduced Sign! free PDF software allowing its SuisseID users to easily create legally binding digital signatures on electronic documents.

Launched in May 2010 in cooperation with the Swiss State Secretariat for Economic Affairs (SECO), SuisseID is the first standardised national electronic proof of identity in Switzerland. SuisseIDs are issued on smartcards or cryptotokens and are legally valid eID. Under the Swiss ZertES law, electronic signatures created using SuisseID have the same legal validity as their paper counterparts.

Using Sign! QuoVadis users can fill out and sign PDF forms. Users can also create new PDF documents as well as insert electronic signatures that identify the signer and make the document tamperproof. Sign! allows users to customise the content and visual appearance of the electronic signature.

Sign! creates both Qualified and Advanced electronic signatures (with optional time-stamp) under ETSI standards and verifies the validity of signatures using OCSP and CRL. To meet long term archiving requirements, Sign! creates a legally compliant PDF/A validation report. Sign! is available for both Windows and Apple operating systems and supports Mini Driver, PKCS #11 and TokenD integration for use in popular browsers and email software.

Sign! optionally supports the use of secure PIN entry via card reader. Customers requiring additional security can upgrade at a special price to the Sign Live! CC Certified Signature Solution, which is certified by BSI for compliance with the German Signature Act, the German Digital Signature Ordinance and relevant Common Criteria (CC).

For more information on QuoVadis SuisseID, please visit www.quovadisglobal.ch or the QuoVadis SuisseID online shop at www.suisseid-shop.ch.

QuoVadis Services is Leading Offshore Datacentre for Cloud Computing, Virtual Hosting Services

Wed, 11 Jan 2012 02:39:00 GMT

Bermuda Realty Company Limited (trading as Coldwell Banker Bermuda Realty) has adopted a Private Cloud solution from CCS Group and QuoVadis Services as the backbone of its computing needs.

Bermuda Realty is the island’s largest real estate firm offering a wide range of rental, sales, and management services for both commercial and residential real estate.

“Bermuda Realty has a long tradition of developing innovative services for the local real estate sector,” said company president Brian Madeiros. “This has lead to a considerable investment in IT infrastructure. By moving to cloud hosting, we have made the conscious decision to focus our resources on the real estate services at the heart of our business, and to outsource the underlying technology platforms to IT specialists like CCS and QuoVadis.”

QuoVadis is providing both production and disaster recovery hosting for Bermuda Realty’s server environments, as well as virtual desktops for all employees. The Private Cloud solution is based on QuoVadis’ multimillion dollar Infrastructure on Demand platform, hosted in its SecureCentre datacentre in Hamilton.

“Bermuda Realty were looking for a highly available, high performance solution for their servers as well as the ability for employees to securely access their work from anywhere at any time,” stated Kory Logan, Product Development Manager of CCS. “Based on these requirements, we felt that hosted services with virtual desktops powered by the QuoVadis platform would be the most effective and economical solution for Bermuda Realty.”

With cloud hosting, companies outsource their server computing requirements to a hosting provider, reducing their own costs of buying in-house hardware or maintaining a datacentre. Virtual desktops expand on that idea, so a user’s software and files are not tied to an individual desktop computer. Rather, they operate from a central cloud server, so that users can access their office work environment from any computer when securely connected to the QuoVadis cloud.

“The QuoVadis cloud allows companies to reduce their business risk and overall cost of IT by leveraging our high performance computing platforms and datacentre technologies,” said Gavin Dent, CEO of QuoVadis Services. “It’s an appealing formula for many businesses faced with steep upgrade costs, replacing their variable upfront IT capital expenditures with predictable monthly fees.”

QuoVadis launched the high availability SecureCentre offshore datacentre in central Hamilton in late 2010 with multiple layers of support infrastructure and direct connections to Bermuda’s various data networks. QuoVadis expanded its offering with a world class Infrastructure on Demand platform, able to support a wide variety of virtual hosting and virtual desktop solutions, as well as tailored Private Cloud hosting. Other offerings include disaster recovery and remote back up services, managed storage solutions, as well as managed firewall and security monitoring.

“In this economic environment, many local companies are paying particular attention to their in-house costs of supporting and operating IT infrastructure. At the same time, they have concerns about hosting their IT overseas for jurisdiction or support reasons,” said Ian Cook, General Manager of CCS. “Working with the QuoVadis offshore cloud computing platform, CCS can create solutions that leverage the power of cloud computing but are customised to local company requirements and are backed up by experienced Bermuda support teams.”

CCS has provided IT professional services in Bermuda since 1982, building and providing ongoing support for some of the island’s most complex technology implementations. CCS consultants offer a complete portfolio of communications solutions, both for in-house implementation or for outsourced environments such as the QuoVadis Infrastructure on Demand platform.

QuoVadis CEO Named President of SuisseID Association

Wed, 25 Jan 2012 02:14:00 GMT

QuoVadis CEO Roman Brunner has been named President of the SuisseID Trägerverein, the association with responsibility for the Swiss national electronic ID programme (http://www.suisseid.ch/).

SuisseID was launched in May 2010 by the Swiss State Secretariat for Economic Affairs (SECO) as the first standardised product for secure electronic identity verification in Switzerland. SuisseID credentials may be used to conduct online transactions by individuals, between companies, or with Government. SuisseID provides the following benefits:

Electronic proof of identity
Electronic proof of function (including role in a company or a professional designation)
Qualified (legally binding) electronic signature

SuisseID was initially funded by the Swiss Government as an economic stimulus for the IT sector and to encourage the adoption of electronic commerce at all levels of the Swiss economy. As the programme has become established, responsibility for its management has shifted to the independent SuisseID Trägerverein led by key players in the sector.

Today, more than 220 organisations have enabled their online offerings to accept SuisseID credentials, which are stored on a smartcard or USB device and may be used with normal browser or email software. In addition, important trade associations and managed service providers have also adopted SuisseID for their online activities.

QuoVadis clients include green.ch, a large hosting and IT services provider, which provides QuoVadis SuisseIDs to customers for secure authentication to their online services as well as for secure email. Similarly KPT, a national health insurer, uses QuoVadis SuisseIDs to authenticate clients using their web platform and to enable qualified electronic signatures for paperless contract handling.

QuoVadis was founded in Bermuda in 1999. Mr. Brunner was a long-term Bermuda resident before returning to his native Switzerland to lead QuoVadis’ international development efforts. QuoVadis (http://www.quovadis.ch/) has been an approved issuer of SuisseID since the programme’s inception, with registration points across the country including at all major rail stations and municipal offices. In addition, QuoVadis’ Dutch subsidiary is an issuer for large-scale eID programmes in the Netherlands called PKI Overheid and e-Herkenning.

In addition to his role of President of the SuisseID Trägerverein, Mr. Brunner also serves on the organisation’s International Working Group which manages SuisseID compatibility with other eID standards and initiatives, including those of the EU STORK Project, World eID, and the Universal Postal Union.

QuoVadis to Implement CA/Browser Forum "Baseline Requirements" for SSL/TLS

Wed, 14 Dec 2011 07:19:00 GMT

QuoVadis is among the first Certification Authorities to adopt the new “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” standard published by the CA/Browser Forum.

QuoVadis is a longstanding member of the CA/Browser Forum and contributed to the development of the new Baseline Requirements, which consolidate many previously fragmented standards and best practices for the issuance and management of SSL/TLS digital certificates.

“Previously Certification Authorities had to interpret overlapping standards from different software providers, regulators, and audit regimes,” said Roman Brunner, CEO of QuoVadis. “With the Baseline Requirements the core standards are integrated in one document, clarifying responsibilities and increasing accountability for trusted CAs that issue SSL/TLS digital certificates.”

SSL/TLS certificates are an essential part of the Internet’s security infrastructure, used to authenticate the ownership of websites and other online resources, as well as to encrypt information for confidentiality.

“Over time SSL/TLS has evolved with the growing sophistication of Internet, implemented in a wide array of software and the proven capability to scale to handle many millions of users. By establishing a security benchmark for CAs around the world, the ongoing Baseline Requirements initiative will benefit all users of SSL certificates and the https security they provide,” continued Mr. Brunner.

The Baseline Requirements provide clear standards for CAs on important subjects including CA security, verification of identity, a range of technical issues related to certificate content and technical structure, audit requirements, liability issues, and delegation of roles including the use of external sub-CAs and registration authorities.

QuoVadis, along with other major CAs that have chosen to voluntarily adopt the standard, will implement the Baseline Requirements before the effective date of July 1, 2012.

The CA/Browser Forum has requested that internet browsers and operating systems adopt the Baseline Requirements among their conditions to pre-distribute CA root certificates in their software. The CA/B Forum has also requested that the major audit regimes used by CAs, WebTrust and ETSI, develop audit criteria to assess compliance with the Baseline Requirements.

Founded in 1999, QuoVadis is a leading international Certification Authority, issuing both Organisation Validation and Extended Validation SSL certificates as well as digital certificates for End Users. QuoVadis is accredited as a Qualified Certification Services Provider (CSP) in several countries, and an issuer of Swiss SuisseID and Dutch PKIoverheid certificates. QuoVadis is audited to the WebTrust/CA and WebTrust/EV standards as well as the ETSI qualified standards.