
Lets Get Ready to Rumble

June 27, 2012 | Calum MacLeod

There is an old adage from the British Army known as the ‘seven Ps’, and it is frequently used in project planning or when training for life-or-death situations.

‘Proper planning and preparation prevents piss poor performance’. My apologies if I have offended anybody, but every organisation needs to ask itself if it has planned and is prepared for increasingly likely attacks.

As anyone who has been following the news for the last few months will realise, the SSL certificate has now become a key target in the cyber attack arsenal. Flame, Stuxnet and Duqu are the high-tech weapons, and are likely only the tip of the iceberg when it comes to what is lurking beneath.

Each of these pieces of malware has been signed with a digital certificate that is owned, or appears to be owned, by a reputable company and that was issued, or appears to have been issued, by a trusted authority.

In spite of all the cries that SSL is not safe and that there are problems with the trust model, the fact of the matter is that SSL is probably the best we have right now to protect ourselves. No one claims it is perfect, but I haven't yet seen a better and more secure alternative.

Passwords are certainly not the way to go – they are being hacked. Some will argue that one-time password (OTP) token-based solutions do the job, but it's not so long ago that RSA was replacing millions of them. The biggest problem with SSL certificates is that most organisations have done no proper planning and preparation for their use, and as a result are vulnerable to attack.

Contrary to popular opinion, Microsoft did not invent Excel to be a certificate management or policy enforcement system, although given the extensive use of Excel among PKI departments, they could probably re-certify it and charge a fee! But then in most companies this is the level of sophistication that exists. So here are some guidelines that might be helpful:
