Skip to main content
banner image
venafi logo

PKI for Non-PKI Experts: Empowering Your System Administrators

PKI for Non-PKI Experts: Empowering Your System Administrators

simplifying PKI for the occasional user
December 9, 2016 | Allen Marin

As your enterprise continues to extend encryption to more applications, you may find that your public key infrastructure (PKI) teams just aren’t big enough to handle the increased demand. Enabling users of all types to easily request and renew certificates, as well as view the status of their respective environments, will enable your business to handle the increased demand for keys and certificates. Part one of this blog series on easy and intuitive PKI operation for non-security administrators explores the role of system admins in managing encryption for their respective applications.

Most organizations have a relatively small team dedicated to managing digital certificates. Larger enterprises might have several PKI administrators while others make this the responsibility of specially-trained network admins. In either case, PKI teams are hard pressed to keep pace with the exponential growth in the demand for keys and certificates.

However, regardless of their responsibilities, these brave souls are the encryption experts who must work across the entire business to manage all the certificates that enable secure communication. That means collectively they could be installing, replacing, and revoking certificates on hundreds of systems and devices every day. And as encryption grows across the enterprise, this small team is stretched to the breaking point, often begging for help to control it all.

Most know that they can’t do it alone. But many do not realize that help is readily available, if they are willing to delegate certain responsibilities. To virtually extend their teams, they need look no further than to the system admins who are already managing the systems and devices that need to be secured.

That’s right. System admins are quickly becoming more engaged in making sure their systems and applications have trusted and valid certificates installed correctly to meet stringent security policies. However, they are not PKI experts. And you can’t expect them to be.

By and large, system admins are domain experts responsible for efficiently maintaining an application or part of the infrastructure to support it, such as the database, server platform, networking, or virtualization. As such, most don’t have the inclination to become encryption experts. They know what digital certificates do and why they need them. But most do not have the time and resources to go deeper than that.

If managing certificates seems too complicated or specialized for them, they will inevitably rely on the PKI team to do what needs to be done. Since they only need to renew certificates every few months, it has to be easy for them and it has to be fast.

The good news is you can make your PKI team bigger without adding headcount or increasing your workload. It’s time you start enabling your system admins to manage their own keys and certificates. Part II of this blog series explores ways that help make it easy for them to assume responsibility for their own environments without requiring extensive knowledge and training.

Like this blog? We think you will love this.
certificate revocation
Featured Blog

How to Check for Revoked Certificates

Many methods exist for publishing and querying these lists but few of them are widely used.

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection
Industry Research

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Allen Marin
Allen Marin

Allen Marin writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat