Skip to main content
banner image
venafi logo

Majority of Businesses Still Experience Outages: Are You Protecting Your Certificates?

Majority of Businesses Still Experience Outages: Are You Protecting Your Certificates?

Certificates, Outages, CIOs
March 25, 2019 | Eva Hanscom

Certificate-related outages harm the reliability and availability of vital network systems and services while also being extremely difficult to diagnose and remediate. Unfortunately, the vast majority of businesses routinely suffer from these events, and they are growing more and more costly.

“Recently, a certificate-related outage impacted 32 million cellular customers in the U.K., and estimates suggest this could have cost the company over $100 million,” says Kevin Bocek, vice president, security strategy and threat intelligence at Venafi. “Ultimately, companies must get control of all of their certificates; otherwise, it’s simply a matter of time until one expires and causes a debilitating outage.”

Venafi recently conducted a study to see how organizations are responding certificate-related outages on critical business infrastructure. We surveyed over 550 chief information officers (CIOs) from the U.S., U.K., France, Germany and Australia and found that outages are likely to become more complicated, common and costly in the future.

Key findings from the study include:

  • Almost two-thirds of organizations (60%) experienced certificate-related outages that impacted critical business applications or services within the last year.
    • In addition, 74% faced similar events within the last 24 months.
  • 85% believe the increasing complexity and interdependence of IT systems will make outages even more painful in the future.
  • Nearly 80% estimate certificate use in their organizations will grow by 25% or more in the next five years, with over half anticipating minimum growth rates of more than 50%.
  • While 50% of CIOs are concerned that certificate outages will have an impact on customer experience, 45% are more concerned about the time and resources they consume.

While humans rely on usernames and passwords to identify themselves and gain authorized access to applications and services, machines use digital certificates to serve as machine identities in order to communicate securely with other machines and gain authorized access to applications and services. Sadly, most organizations do not have a clear understanding of how many machine identities are in use, which devices are using them, and when they will expire. This lack of comprehensive visibility and intelligence leads to outages when under-managed machine identities expire.

“Since certificates control authentication and communication between machines, it is important not to let them expire unexpectedly,” continues Bocek. “And because the symptoms of a machine identity-related outage mimic many other hardware and software failures, diagnosing them is notoriously time-consuming and difficult.”

So how can your organization alleviate the risk of outages? Venafi recommends the following steps:

  1. Discover all certificates. Choose a discovery tool that lets you look across
    your entire extended network—including cloud and virtual instances, and CA implementations. This will help you locate every certificate that can impact the reliability and availability of your organization’s critical infrastructure.
  2. Create a complete inventory. Catalog your entire inventory of certificates and store it in a centralized repository where you can track and manage the status of all certificates. This makes it easy to rotate your certificates before they expire.
  3. Verify security compliance. Investigate certificate properties to ensure that certificates have proper owners, attributes and configurations so all certificates fall into line with your organization’s regular cadence of renewals.
  4. Continuously monitor certificates. Conduct non-stop surveillance of all certificates so that you’ll know immediately when something isn’t right. This is the most efficient way to keep tabs on renewal requirements, as well as misuse.
  5. Automate renewals. Eliminate the risk of human error by automating certificate renewals, allowing you to install, configure and validate certificates in seconds. You’ll not only improve availability; you’ll be able to do it in a fraction of the staff hours previously required.

“Overall, CIOs need greater visibility, intelligence and automation of the entire life cycle of all certificates prevent outages,” concludes Bocek.

Related posts

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

man sitting on chair and thinking

Venafi Study: Are Financial Service Organizations More Likely to Suffer Certificate-Related Outages?

accessec, APIIDA, Crypto4A, Difenda

Six Groundbreaking Machine Identity Protection Developers Gain Funding

code signing certificates, Code Signing, Stuxnet, ShadowHammer

Study: How Well Are You Protecting Code Signing Certificates?

About the author

Eva Hanscom
Eva Hanscom

Eva Hanscom writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat