Digital Certificates and PKI for Engineers

Engineers and architects not only work hard, but sign hard. Plans and blueprints often require a high number of signatures, which can eventually be staggering before long. For those mindful of cost, consider a 2015 study which found that companies in the manufacturing sector use 63% of the paper they print for signing purposes, with an average cost of $1,350 per signer.

Aside from the impracticality and environmental burden inherent in paper-based documents, they are also not compatible with the modern software and apps being used by engineers in construction projects. In the past decade, the engineering industry has become increasingly digital and this technological advancement allowed for more efficient planning and execution of projects.

Notwithstanding the many advances in engineering science, the benefits of digitalization in the construction industry have also been hampered by cases of breaches and ransomware attacks. In 2018, Kroll, a risk and valuation digital solutions company, released a survey stating that 93% of responding construction companies experienced a cybersecurity attack in the past year. Comprising a 16% jump compared to the previous year, Kroll says this statistic demonstrates the fact that the engineering, construction, and infrastructure industry showed  the highest yearly increase in terms of cyber attacks. 

The solution against cybersecurity attacks is not to revert to older, manual tools that engineers used before which are inefficient.  As we speed into the 3rd decade of the 21st century, buildings and machines will become more and more complex in structure and design and this requires even more accurate and sophisticated software and computer applications for planning, modeling, and computation. Inevitably, contractors and subcontractors  will also have to continue to interact through the internet and share data and soft documents in order to speed up work processes. 

As we will explain in the latter half of this article, companies will only be able to effectively thwart cyber attacks if they beef up their cybersecurity infrastructure. But first, let’s discuss why engineers are often attacked by hackers.

Why are Engineering Companies Highly Targeted by Hackers?

  • Multiple Online Entry Points to Project Information. Construction projects are a collaboration of the main contractor and various subcontractors. In a single project, one would see multiple engineering companies working on each of their specialties like electricity, sanitation, metalworks, and concrete works. Each company’s employees would have access to both confidential and shared data using their own laptops and mobile devices. If a cyber criminal succeeds in stealing the system login credentials of any of these employees through phishing, pharming, or other hacking methods and modifies the blueprint or other pertinent documents, the entire project can lead to catastrophic effects.    
  • Huge Money Involved. Engineering works and projects involve vast amounts of money. Consider the costs of the following construction projects:  Embridge Line 3 Pipeline replacement project ($2.9 billion), Purple Line Light Rail project ($5.8 billion), Austin transit plan Project Connect ($7.1 billion), and Vogtle Electric Generating Plant ($27 billion). Because building projects are worth millions or billions of dollars, cybercriminals have all the motivation they need to steal valuable data from companies.
  • Possession of Sensitive and Critical Data. Construction projects are founded on engineering blueprints, bidding documents, copyrighted knowledge bases, and classified company work plans. Hackers can sell company secrets to competitors in the industry or hold operational data hostage until the victim agrees to pay to regain access to these.

Why Does PKI Technology Matter to Engineers?

In a nutshell, PKI is used to manage pairs of public and private cryptographic keys and bind them to the identities of entities, such as persons and organizations, through the issuance of electronic documents called digital certificates. The mathematics behind PKI ensure that if a certificate is signed with a given entity’s private key, anyone with the public key from the pair can:

  • Verify that the entity presenting the signed certificate is in possession of its corresponding private key (authenticity).
  • Trust that the content of the certificate has not been altered since it was initially generated (integrity).
  • Use the public key to encrypt a message that can only be decrypted with its associated private key (encryption).

If a digital certificate is validated and signed by a certificate authority (CA), such as, that is trusted by major software providers like Adobe and Microsoft, the identity of the signatory will be trusted by software like Acrobat and MS Office. This technology makes document signing certificates a secure and trustworthy means to digitally sign numerous documents, all with the assurity that the signature truly comes from whom it is purported to come from. 

How Can Engineers Use Document Signing Certificates?

A document signing certificate is another type of X.509 certificate. A publicly trusted certificate authority (CA),such as, checks information submitted about an applicant and, if valid, issues a signed certificate. The certificate can then be used to create digital signatures. 

Document signing certificates from may delivered on FIPS 140.2 YubiKey USB tokens and/or enrolled in our eSigner cloud signing service. In either case, your private signing key is stored on the device or service, is not exportable, and can only be accessed by a PIN or OTP code.

This technology enables engineers to be able to duplicate their signature numerous times digitally, all while maintaining validity and assurance that it is truly their own stamp of approval. It also reduces cost significantly, from the reported average of $1,350 per year per signer, to less than $300 per year.

Document signing certificates issued by are implicitly trusted by client software such as Adobe and Microsoft, as well as major web browsers and operating systems. As a publicly-trusted CA,’s validation and certificate issuance procedures are subject to regular, rigorous audits to maintain this trusted status.

Digital signature in Adobe Acrobat’s document signing certificates also come with S/MIME capabilities, which allows for encrypted email to be sent and decrypted by those within your organization who have been given your public key. This allows for an additional measure of security when dealing with sensitive documents or company information. 

eSigner as a Cybersecurity Solution for Engineers’s eSigner cloud signing system enables engineering companies to place internationally trusted digital signatures to pertinent documents that they communicate online to their counterparts including blue prints, billing records, and employee information. Practically speaking, eSigner’s use of digital signatures  is considered as a more modern and secure way to sign pertinent documents compared to the pen and paper method. Handwritten signatures can be copied by impersonators but encrypted digital signatures are highly difficult to hack.

Engineers can also safeguard softwares and computer applications that they use in their work. If installation drivers for these tools have to be sent through the internet, the receiving parties can be confident that they are not downloading malware. This is because eSigner’s use of PKI technology securely encrypts the file with the sender’s private key and prevents it from being accessed unless the receiving party has the corresponding public key. With the file being uniquely locked, the receiver can be sure that the file really came from the correct entity. 

Cloud-based file storage and security has been proven to be cheaper and provides more protection from data theft and loss compared to hardware. A cloud service such as eSigner allows companies to efficiently share data even in the face of vast geographical distances. Even if files get accidentally deleted in the cloud system, the technology allows for fast recovery of backup files.  

eSigner is fully compatible with the cloud signing standard of Cloud Signature Consortium – an international group of organizations belonging to the government, academe, and the cybersecurity industry. eSigner document signatures are also legal and enforceable under the United States Electronic Signatures in Global and National Commerce (ESIGN) act and the laws of many other countries worldwide.

Last Word

Now, more than ever, Public Key Infrastructure should be at the forefront of a company’s cybersecurity structure.  A company headed by engineers should be mindful that if a company’s data security is not taken care of, it can lead to wrong implementation of plans at the ground level manifesting in adverse effects.

Whether you’re looking to cut costs, add authenticity and trust, or just for added convenience when performing digital signatures, a document signing certificate and the eSigner cloud signing system from are excellent choices. 

Subscribe to’s Newsletter

Don’t miss new articles and updates from

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.