One of the things that server administrators routinely issue are digital certificates that authenticate users and other servers trying to access their servers. While encryption is generally considered a good security practice, the trouble is that nobody seems to be managing the overall process associated with managing these certificates. And now that IT organizations have been issuing these certificates for years, there are hundreds, maybe even thousands, of them to manage. Worse yet, chances are good that more than a few of these certificates are unaccounted for, lost or outright stolen.
A survey of 471 senior managers conducted by Venafi, a provider of key and certificate management tools, finds that there are more than a few IT organizations that are not completely sure where their digital certificates are and who might have access to the keys that go with them.
But while this issue has yet to reach of full-blown crisis, Venafi CEO Jeff Hudson says the proliferation of virtual servers means that there will be more certificates than ever floating around the organization. In fact, the number of digital certificates that IT organizations need to manage is growing at a rate of 200 percent a year, and many of those certificates are being issued by multiple authorities.
From Venafi’s perspective, this is all good news. The company provides tools for managing digital certificates regardless of how many authorities are involved. To that end, the company recently released Venafi Encryption Director 6, which adds additional types of key managers and enhanced discovery and monitoring tools for digital certificates.
Beyond having their digital certificates misplaced or misappropriated, Hudson says the other issue that IT organizations will soon have to deal with is the simple fact that digital certificates expire. It’s not uncommon for users or servers to experience a service disruption simply because no one realized a digital certificate.
At the end of the day, digital certificates are nothing less than the keys to the digital kingdom. And like most sets of keys, the more you have, the more likely it is that you're going to lose one.
A cookie-cutter approach to compliance can leave organizations more exposed than ever before to potential security risks and controls failures. ... More >>
In order to be successful and stay competitive, companies must prepare for what the workforce will look like in 2020 and beyond. ... More >>
Working with a staffing vendor to hire tech support for projects is often a smart decision, but selecting the right firm to take on a project is a major decision. ... More >>