Skip to main content
banner image
venafi logo

PKI Poll Results: Are Your PKI Problems Fatal? [Part One]

PKI Poll Results: Are Your PKI Problems Fatal? [Part One]

PKI management poll
October 11, 2017 | Eva Hanscom

Public key infrastructure (PKI) can be a complicated component of an enterprise’s IT operations and security strategy. Given the explosion of certificates required by today’s systems and applications, user demands may overwhelm PKI teams. Many simply do not have the proper resources to keep pace with the ever-evolving set of security requirements required to keep PKI protected.

To better understand these issues, Venafi recently conducted a simple poll on PKI management through its social media channels. The results indicated that while some PKI teams are on the right track, many more could use some improvement. Here’s what we found.

PKI is often seen as an operational component of a business, but it's also important to an organization’s overall a security posture. When asked who owns PKI management in their organization, nearly half of the respondents said “operations.” Unfortunately, this means that in most companies, the security aspects of PKI may not be receiving enough expert attention. The results indicate there is a need for greater communication between operations and security teams.

Who Owns PKI.PNG

To ensure consistent management and policy enforcement across all certificate authorities (CAs), organizations should invest in third-party management solutions for their PKI. Unfortunately, many of the respondents in our poll aren’t accessing the centralized intelligence that would deliver key insights into their PKI program.

Relying on certificate authorities and spreadsheets to track certificates means they don't have complete visibility into all the certificates in use. In addition, there are significant limitations with purely using CAs to track and manage certificates. Users cannot see rogue CAs that are added without permission or swap out a CA in response to changes in business practices.

How Do You Manage PKI.PNG

Another key metric for PKI security is certificate expiration dates. The longer the expiration date, the greater the opportunity for something to go wrong. How often are your certificates set to expire? Google says best practice for certificate expiration is 6 months or less. However, only a quarter of our poll respondents hit this goal on a regular basis.

How Often Are Certificates Set to Expire.PNG

Want to learn more about other factors that impact PKI security? We’ll explore the remaining results of Venafi’s PKI poll in our next post.

In the meantime, how does your PKI program stack up to these results?

 

Like this blog? We think you will love this.
certificate revocation
Featured Blog

How to Check for Revoked Certificates

Many methods exist for publishing and querying these lists but few of them are widely used.

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection
Industry Research

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Eva Hanscom
Eva Hanscom

Eva is Public Relations Manager at Venafi. She is passionate about educating the global marketplace about infosec and machine-identity issues, and in 2018 grew Venafi's global coverage by 45%.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat