Skip to main content
banner image
venafi logo

Data Protection Begins and Ends with Trusted Keys and Certificates

Data Protection Begins and Ends with Trusted Keys and Certificates

generic_blog_banner_image
April 29, 2015 | Patriz Regalado

According to Gartner, encrypted traffic now comprises 15%-25% of total web traffic today. But for many businesses, it’s over 50%. The adoption of Transport Layer Security (TLS), and its predecessor Secure Sockets Layer (SSL), to protect web traffic has contributed to our exploding reliance on the Internet for personal use and commercial business.

Our dependence on SSL/TLS continues to rise. Growing concerns and regulations over data privacy as well as the surge in cyberattacks are increasing use of SSL/TLS to encrypt data transmission and authenticate web servers, application servers, load balancers, and other applications.

In addition, Google has called for “HTTPS Everywhere.” As part of this effort, Google is prioritizing search results for sites that provide this secure, encrypted connection. With HTTPS providing better search ranking, even marketing departments across all types of industries are promoting an increase in SSL/TLS use.

But this upsurge in SSL/TLS usage could also be leading to business downfall. Why? Because this growth has also increased the misuse of SSL/TLS keys and certificates, resulting in cyberattacks and network outages. The hard truth is that pervasive SSL/TLS use is only effective if the SSL/TLS keys and certificates themselves are securely managed and protected.

The 2015 Cost of Failed Trust Report, published by the Ponemon Institute, analyzed the impact of attacks on digital trust. It reveals that today’s average enterprise holds almost 24,000 keys and certificates, but the real issue is 54% are unaware of how many keys and certificates they have in use, where they are used, and who owns them. As the use of SSL/TLS increases, this lack of visibility also causes an increase in certificate-related outages—disrupting the systems these certificates were meant to protect. These outages lower productivity and cause lost revenue, profits, and customers.

Here’s another startling fact from the Ponemon report: for four years running, 100 percent of the companies surveyed said they had responded to multiple attacks using keys and certificates. Gartner estimates that by 2017, 50% of cyberattacks will use SSL/TLS to sneak past enterprise security defenses. Unfortunately, many businesses have made it easy for the bad guys to use a company’s own defensive weapons, SSL/TLS keys and certificates, against it. The bad guys understand that organizations are struggling to enforce and automate policies and can’t keep track of what is trusted. If left unprotected, keys and certificates can be usurped by cybercriminals to evade detection and keep their activities cloaked.

Even with this evidence of increased outages and breaches, you can safely expand and rely on SSL/TLS to achieve data security and privacy—with the right key and certificate management and protection. Make it a priority to learn how to automate SSL/TLS key and certificate security and validation to ensure that your data and network resources stay safe. Here are a few steps you can take in the right direction:

  • Understand the data protection issues of increasing SSL/TLS usage 
  • Learn the necessary tasks to address SSL/TLS key and certificate challenges
  • Develop key and certificate management and security strategies that ensure trust in your SSL/TLS systems

You can learn more about safely using SSL/TLS on our data protection solution page, or drop me a comment if you’d like to learn more about SSL/TLS key and certificate management and security solutions.

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

generic_blog_banner_image

Meet Us at Black Hat 2015: Blue Coat and Venafi Security Experts Discuss How to Combat SSL/TLS Encry

generic_blog_banner_image

4 Ways to Arm Your Incident Response Team for Rapid Key and Certificate Remediation

generic_blog_banner_image

$600 Million Dollar Question: Is Your Company’s IAM MIA?

About the author

Patriz Regalado
Patriz Regalado
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat