Venafi Launches Enterprise Key and Certificate Management Best-Practices Web Portal to Help Increase Security and Decrease Complexity of Encryption Deployments
Salt Lake City, Utah
June 14, 2011
Proper Management Processes and Effective Controls Enable Enterprises to Scale Encryption, Avoid Costly Breaches and Damage to Reputation Recently Experienced by Several Global 1000 Corporations
Venafi, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions, today launched its EKCM Best Practices Portal. The site contains numerous industry-leading best practices, processes and templates, and is available to Venafi customers and registered participants. Venafi developed the Best Practices Web Portal in response to customers who found that general knowledge of how to securely implement, scale and manage encryption keys and certificates is woefully lacking. Using its nearly a decade of experience helping many of the world's largest organizations implement EKCM solutions, Venafi worked closely with its customers to compile this set of best practices.
All organizations, regardless of size or industry, utilize encryption keys and digital certificates in some form for electronic transmissions and system authentication. Encryption has grown organically and become a de-facto standard for data protection and secure communications. SSL certificates, for instance, are broadly used to secure systems and data for a wide variety of mission-critical applications—including credit-card transactions, online banking, healthcare information access and many others—both inside and outside the firewall. With the increased dependence on encryption comes a heightened need for enterprise key and certificate management, which requires best-practice guidance.
“The reality is that the world’s Global 2000 have amassed petabytes of regulated, sensitive and valuable corporate data that flows within and beyond their firewalls, all of which must be protected. These same organizations are deploying encryption and digital certificates across their global infrastructures and in the cloud," said Jeff Hudson, Venafi CEO. “The other reality is that the keys and certificates are not well managed. Recent research highlights alarming facts. Companies have little idea how many of these security assets they have in their inventories, where they are deployed, who has access to them or how they are managed. Without understanding best practices, enterprises are likely to experience significant security, operational and compliance risks."
“Most organizations are in encryption chaos—encryption assets are strewn throughout the organization, and they are managed in silos and departmentally. There is no enterprise-wide understanding of who manages this critical resource, or of why and how it is being managed,” Hudson continued. "This situation has resulted in systemic unquantified and unmanaged risk. The effects are costly and include security breaches, audit failures and operational failures. Worse yet, if there is a breach, the majority of companies do not know how long it would take to remedy. This is why our customers hatched the idea for a Best Practices Portal. The need for such guidance is not hypothetical. Major corporations like Lockheed Martin, L3, Epsilon, EMC and others have recently experienced unauthorized access that has been the subject of significant, mainstream press coverage."
“Security, privacy and compliance are driving organizations to deploy encryption key and digital certificate technologies at an aggressive pace. Sensitive, regulated information and systems would be completely exposed without them and organizations are levering them increasingly to protect themselves from external threats and internal hackers,” said Eric Ouellet, Vice President, Secure Business Enablement at Gartner, Inc. “Unfortunately, encryption assets can turn into liabilities if managed improperly. Understanding the best practices around how to approach the access controls and centralized management of these encryption assets are of critical importance.”
The new Venafi EKCM Best Practices Portal offers best-practice guidance for SSL certificate and private key management, breach and failure recovery, system availability, and security breach prevention. People who visit the site will learn how to perform these tasks:
Analyze the encryption inventory
Establish effective policies
Secure executive sponsorship
Formulate breach and failure recovery plans
Improving the management of keys and certificates involves people, technology, and process. The Venafi Best Practices Portal is the industry’s leading authority on the processes and practices that are part of the overall strategy to better security and lower risk.