Skip to main content
banner image
venafi logo

PKI Poll Results: Are Your PKI Problems Fatal? [Part Two]

PKI Poll Results: Are Your PKI Problems Fatal? [Part Two]

PKI risks
October 18, 2017 | Emil Hanscom

In my last post, I examined the results of a recent poll Venafi conducted on its social media channels on public key infrastructure (PKI) management. I looked at which part of the organization owns PKI as well as the management strategies and certificate expiration policies that organizations have put in place. Simply put, many PKI teams are under increasing pressure to meet the expanding need for certificates.

In this blog, we will look at the rest of the survey. While you are reading, think about your own PKI program: how does it stack up to your peers?

Almost all organizations use multiple certificate authorities (CAs). However, using more than a handful of carefully selected CAs can make it challenging to control your PKI. Interestingly, 39% of the respondents of our poll have three or more CAs, making it more complex for the PKI team to effectively manage PKI security policies.


Most organizations anticipate their certificate use will grow by at least 25% over the next year or so. It’s imperative that PKI teams are prepared to put in place the structure and policies needed to meet this increased demand for certificates. PKI teams will be hard pressed to enforce certificate security policies when a wide range of users are generating them, especially because many of those requestors won’t completely understand exactly what they need.

Unfortunately, our poll revealed that there are requests coming from all over the organization. This can make is more challenging for PKI teams to respond quickly. And without a quick response, some requestors may go to unauthorized CAs to get quick certificates.


Simply put: if you don't know how many certificates you have, how can you manage and protect them? Most of the poll respondents believe they have less than 5,000 certificates on their external domains. However, our customers have found their own estimates to be very inaccurate? After deploying Venafi, our customers found over 16,500 previously unknown keys and certificates (Source: TechValidate. TVID: 363-53E-598).


In a nutshell, organizations are overwhelmed by the explosion of encryption. The PKI teams are challenged by the increase in the number of certificate requests and face difficulties getting them deployed and installed correctly.

Luckily, there are ways to improve your PKI program without increasing your workload or headcount. Check out PKI for Non-PKI Experts blog series for more information.

Could your PKI program use a little extra attention?



Like this blog? We think you will love this.
 Bild eines verärgerten jungen Mannes, der mit dem Kopf in der Hand auf seinen Computerbildschirm starrt
Featured Blog

Erneuerung, Neuausstellung, Widerruf – so vereinfachen Sie das Zertifikatsmanagement

Nachfolgend finden Sie einige Informationen zu jedem dieser Verfahren.  

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Emil Hanscom
Emil Hanscom

Emil is the Public Relations Manager at Venafi. Passionate about educating the global marketplace about infosec and machine-identity issues, they have consistently grown Venafi's global news coverage year over year.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more