Subscribe

Thomas Stoesser l Jul 9, 2026 l HPE Nonstop, TAMUNIO

Why PQC Readiness Starts with Crypto Visibility and Control

In our previous articles, we explored how Automated Certificate and Key Lifecycle Management and Centralized Key and Secrets Management strengthen HPE Nonstop security. Now it's time to turn to the third pillar: protecting critical SSH and SSL/TLS connections with post-quantum-ready cryptography.

HPE Nonstop environments contain some of the world’s most sensitive personal and financial information. That makes them a popular target for attack by digital fraudsters, thieves and extortionists. It’s why the GDPR and PSI DSS 4.0 demand strong encryption from in-scope organizations. But what happens when the mathematical puzzles on which that encryption is based can be solved by a new breed of powerful computers? That’s the reality facing HPE Nonstop customers around the world.

With covert attacks already taking place, organizations must urgently consider their post-quantum cryptography (PQC) plans. Control starts here.

Quantum is coming

HPE Nonstop environments often process payment, financial, transaction, and operational data with long-lived sensitivity. That means data must be secured now and in the years to come – until the end of its natural lifecycle. But this data is at risk if the conduits through which it flows are imperiled by attackers using powerful cryptographically relevant quantum computers (CRQCs)?

Currently in development, these machines will be able to solve the mathematical puzzles on which much modern (asymmetric) cryptography depends, including SSH and SSL/TLS. These protocols (and related terminal/file protocols) typically provide secure access to HPE Nonstop environments for system-level administration, green-screen application management, and connectivity to other Nonstop systems.

We don’t know when CRQCs will emerge. But the timeline appears to be accelerating. Google recently brought forward its plans for PQC migration to 2029, several years before previous “Q-Day” estimates. Cloudflare has followed suit. This challenge alone requires urgent action. But it’s more critical than that. Back in 2024, NIST warned about Harvest Now, Decrypt Later (HNDL) attacks. This happens when threat actors hoover up large volumes of scrambled data, with a view to decrypting it when CRQCs emerge.

A pathway to PQC

The challenge for HPE Nonstop customers isn’t just that they process large volumes of highly monetizable data. It’s that there is currently no HPE roadmap for introducing PQC for SSH and SSL. And even if the vendor does come up with a plan, any new capabilities designed to replace HPE Nonstop SSH and HPE Nonstop SSL with quantum-ready alternatives will take time and effort to deploy.

In the meantime, data is exposed to HNDL attacks right now.

So what are the options? First, organizations need to understand what cryptography they’re using, where they’re using it, and what type of data its protecting. For HPE Nonstop customers, this will certainly include sensitive information transmitted via SSL and SSH. Next, update the enterprise risk management strategy to replace existing algorithms with PQC for the most sensitive data.

This is where comforte’s TAMUNIO Assure comes in. It installs over the existing HPE Nonstop stack, with no script or code changes required to deliver full quantum-safe data traffic flows. And it offers a classic and PQC hybrid approach – for immediate quantum resistance today and a pathway to pure PQC later.

TAMUNIO Assure also offers centralized key and secrets management to further reduce administrative overheads and eliminate security gaps. This is particularly important because hybrid crypto approaches may double certificate volumes, while industry standards for rotation are set to drop to 47 days – increasing the management burden on IT teams.

Proven at scale

HPE Nonstop security teams mulling their next move to quantum safety need to balance risk and reward. Today, the risks of HNDL are growing. And the emergence of CRQCs is approaching fast. That’s why authorities like NIST, the European Commission and various industry bodies are urging action.

The good news is that comforte TAMUNIO Assure is built on decades of HPE Nonstop and data protection expertise. We already protect 64% of global card transactions. It’s designed as a seamless, drop-in replacement: no rip and replace required. Any up-front costs are quickly offset by less admin, lower key-compromise risk and the avoidance of potentially costly quantum retro fits.

The quantum countdown clock is ticking.


Share this:  LinkedIn Bluesky XING Email

TAMUNIO Assure: PQC-Ready Crypto Modernization for HPE Nonstop

Explore how TAMUNIO Assure helps HPE Nonstop teams strengthen SSL/TLS and SSH protection, bring keys and secrets under centralized control, and reduce manual certificate and key management. The fact sheet explains how organizations can modernize cryptographic operations while preserving the stability of mission-critical systems.

Download TAMUNIO Assure Fact Sheet 

Related posts