Certificate-related outages harm the reliability and availability of vital network systems and services while also being extremely difficult to diagnose and remediate. Unfortunately, the vast majority of businesses routinely suffer from these events, and they are growing more and more costly.
“Recently, a certificate-related outage impacted 32 million cellular customers in the U.K., and estimates suggest this could have cost the company over $100 million,” says Kevin Bocek, vice president, security strategy and threat intelligence at Venafi. “Ultimately, companies must get control of all of their certificates; otherwise, it’s simply a matter of time until one expires and causes a debilitating outage.”
Venafi recently conducted a study to see how organizations are responding certificate-related outages on critical business infrastructure. We surveyed over 550 chief information officers (CIOs) from the U.S., U.K., France, Germany and Australia and found that outages are likely to become more complicated, common and costly in the future.
Key findings from the study include:
While humans rely on usernames and passwords to identify themselves and gain authorized access to applications and services, machines use digital certificates to serve as machine identities in order to communicate securely with other machines and gain authorized access to applications and services. Sadly, most organizations do not have a clear understanding of how many machine identities are in use, which devices are using them, and when they will expire. This lack of comprehensive visibility and intelligence leads to outages when under-managed machine identities expire.
“Since certificates control authentication and communication between machines, it is important not to let them expire unexpectedly,” continues Bocek. “And because the symptoms of a machine identity-related outage mimic many other hardware and software failures, diagnosing them is notoriously time-consuming and difficult.”
So how can your organization alleviate the risk of outages? Venafi recommends the following steps:
“Overall, CIOs need greater visibility, intelligence and automation of the entire life cycle of all certificates prevent outages,” concludes Bocek.