Skip to main content
banner image
venafi logo

Why You Need Automation for Certificate Management

Why You Need Automation for Certificate Management

automation certificate management Venafi
January 14, 2019 | Guest Blogger: Kim Crawley

We human beings are notoriously imperfect. To err is human, right? One of the funniest mistakes that I make on a regular basis is when I look around my house for a small object that I was holding in my hand the whole time. Just yesterday I was putting my makeup on and I realized that my eyeliner pencil needed to be sharpened. Yes, I spent multiple minutes looking for the pencil sharpener that I was holding totally obliviously. Oops.

Human error also has a measurable effect on machine identities—most notably on the effectiveness of TLS certificate implementation. And sometimes TLS certificate mistakes don't just expose valuable data to cyber attack, sometimes they also have tremendously negative basic functionality consequences. They can be the kind that makes millions of customers upset, damage a brand's reputation, and cost businesses millions of dollars. What happened to major British cellular carriers on December 6th certainly illustrates my point. As I wrote here on Venafi’s blog:

“I use my phone constantly for work, play, and leisure. It’s pretty much always on my person. I’m probably rather typical. So, when about 32 million people in the UK lost the use of 4G and SMS on December 6th, I could definitely feel their pain. That’s a major inconvenience to people in their everyday lives, and also to many businesses which rely on their phones.

The outage affected O2 customers, and also customers of other Telefonica U.K. carriers, which include GiffGaff, Lyca Mobile, Sky Mobile, and Tesco Mobile. The common link is Ericsson’s Serving GPRS Support Node – Mobility Management Entity software. Ericsson was making changes to their Ericsson's Centralized User Database of subscribers. And what was the point of failure? An expired certificate. A singular machine identity. Really!”

Imagine if Ericsson and Telefonica reduced the potential for human error by more thoroughly automating their certificate management tasks. There wouldn’t be about 32 million Brits upset about not being able to use their phones for an extended period of time.






Conducting digital tasks manually which could be more effective when automated is having a detrimental impact on large organizations with legacy IT infrastructure and existing operations.

Business consulting firm Protiviti just released a study which surveyed the world’s 300 CXOs (such as Chief Risk Officers, Chief Sales Officers, Chief Diversity Officers, and Chief Legal Officers). Digital identity management is specifically a concern that hurts organizations when they do it the old-fashioned manual way. According to the study:

“Concerns related to privacy and identity protection continue to be among the top 10 risk concerns for 2019. The presence of this risk in the top 10 is somewhat expected given the increasing number of reports of hacking and other forms of cyber intrusion that compromise sensitive customer and personal information. Two-thirds of our respondents rated this risk as ‘Significant Impact' for their organization. This concern is likely linked to the proliferation of legislation to protect the privacy of personal information. Initiated in the European Union and spreading to the United States and elsewhere, that legislation has created enormous complexities for business with the teeth of potential fines, penalties and reputation loss that cannot be ignored."

TLS certificates need to be generated not only for your organization’s websites and web applications, but also for all of your organization’s internal and external entities which interface with public key infrastructures, such as email, internal documents, application authentication, Internet of Things devices, and network services of all kinds. You could be working with one certificate authority or a number of different certificate authorities. Certificates constantly expire, and new certificates constantly need to be generated. One little mistake made with any of them can have catastrophic consequences. Cyber attackers could access your sensitive data, interfere with your crucial business operations, or millions of customers could find that your services for them don’t work.

Plus automation relieves human workers of the burden of having to conduct very tedious tasks. The human brain absolutely hates tedious tasks and boredom increases the risk of human error. Computerized automation systems conduct tedious tasks perfectly according to the instructions they’ve been given, and they’re much less expensive than human labor hours. Save your labor costs for work which absolutely requires human beings.

North Carolina State University collaborated with Protiviti for their study. NCSU’s Deloitte Professor of Enterprise Risk Management Mark Beasley said, “Those organizations that have those embedded, traditional processes may not be able to compete in the marketplace as nimbly as some of those competitors that we refer to as ‘born digital.’ That risk rose to the number one spot this year.”

And guess what? Those “born digital” companies have automation in their DNA.

Organizations need to make sure they monitor their digital certificates for signs of misuse. To do that, they need to obtain complete visibility over their certificates. Learn how Venafi can help.





Related posts

Like this blog? We think you will love this.
image of a young blonde woman in a turquoise blouse looking up in a confused expression
Featured Blog

Intermediate Certificate Authorities to Be Revoked for Revocation Errors [Ironically]

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Machine Identity Protection for Dummies

Machine Identity Protection for Dummies

About the author

Guest Blogger: Kim Crawley
Guest Blogger: Kim Crawley

Kim Crawley writes about all areas of cybersecurity, with a particular interest in malware and social engineering. In addition to Venafi, she also contributes to Tripwire, AlienVault, and Cylance’s blogs. She has previously worked for Sophos and Infosecurity Magazine.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more