As your enterprise continues to extend encryption to more applications, you may find that your public key infrastructure (PKI) teams just aren’t big enough to handle the increased demand. Enabling users of all types to easily request and renew certificates, as well as view the status of their respective environments, will enable your business to handle the increased demand for keys and certificates. Part one of this blog series on easy and intuitive PKI operation for non-security administrators explores the role of system admins in managing encryption for their respective applications.
Most organizations have a relatively small team dedicated to managing digital certificates. Larger enterprises might have several PKI administrators while others make this the responsibility of specially-trained network admins. In either case, PKI teams are hard pressed to keep pace with the exponential growth in the demand for keys and certificates.
However, regardless of their responsibilities, these brave souls are the encryption experts who must work across the entire business to manage all the certificates that enable secure communication. That means collectively they could be installing, replacing, and revoking certificates on hundreds of systems and devices every day. And as encryption grows across the enterprise, this small team is stretched to the breaking point, often begging for help to control it all.
Most know that they can’t do it alone. But many do not realize that help is readily available, if they are willing to delegate certain responsibilities. To virtually extend their teams, they need look no further than to the system admins who are already managing the systems and devices that need to be secured.
That’s right. System admins are quickly becoming more engaged in making sure their systems and applications have trusted and valid certificates installed correctly to meet stringent security policies. However, they are not PKI experts. And you can’t expect them to be.
By and large, system admins are domain experts responsible for efficiently maintaining an application or part of the infrastructure to support it, such as the database, server platform, networking, or virtualization. As such, most don’t have the inclination to become encryption experts. They know what digital certificates do and why they need them. But most do not have the time and resources to go deeper than that.
If managing certificates seems too complicated or specialized for them, they will inevitably rely on the PKI team to do what needs to be done. Since they only need to renew certificates every few months, it has to be easy for them and it has to be fast.
The good news is you can make your PKI team bigger without adding headcount or increasing your workload. It’s time you start enabling your system admins to manage their own keys and certificates. Part II of this blog series explores ways that help make it easy for them to assume responsibility for their own environments without requiring extensive knowledge and training.