One of the things that server administrators routinely issue are digital certificates that authenticate users and other servers trying to access their servers. While encryption is generally considered a good security practice, the trouble is that nobody seems to be managing the overall process associated with managing these certificates. And now that IT organizations have been issuing these certificates for years, there are hundreds, maybe even thousands, of them to manage. Worse yet, chances are good that more than a few of these certificates are unaccounted for, lost or outright stolen.
A survey of 471 senior managers conducted by Venafi, a provider of key and certificate management tools, finds that there are more than a few IT organizations that are not completely sure where their digital certificates are and who might have access to the keys that go with them.
But while this issue has yet to reach of full-blown crisis, Venafi CEO Jeff Hudson says the proliferation of virtual servers means that there will be more certificates than ever floating around the organization. In fact, the number of digital certificates that IT organizations need to manage is growing at a rate of 200 percent a year, and many of those certificates are being issued by multiple authorities.
From Venafi’s perspective, this is all good news. The company provides tools for managing digital certificates regardless of how many authorities are involved. To that end, the company recently released Venafi Encryption Director 6, which adds additional types of key managers and enhanced discovery and monitoring tools for digital certificates.
Beyond having their digital certificates misplaced or misappropriated, Hudson says the other issue that IT organizations will soon have to deal with is the simple fact that digital certificates expire. It’s not uncommon for users or servers to experience a service disruption simply because no one realized a digital certificate.
At the end of the day, digital certificates are nothing less than the keys to the digital kingdom. And like most sets of keys, the more you have, the more likely it is that you're going to lose one.
The code review, or in developer parlance, the pull request, is the number one way to set the tone, rhythm and bar needed to build a high-performing team. ... More >>
Many CIOs are enthused by the potential of the Internet of Things, Big Data and cloud computing, but are uncertain as to whether they are prepared to maintain an IT workforce with all the necessary skills to support it. ... More >>
While we might like to think of bullying as a kids' problem, these attitudes and behaviors can linger into adulthood and poison the workplace. ... More >>