Public Key Infrastructure is the backbone of your network’s security. PKI helps to make sure that your certificates are used and distributed in a secure way. The upshot is, as much of your data in transit as possible should be encrypted!
Ponemon Institute released it’s 2022 Global PKI Trends Study, based on a survey of 2,500 IT professionals across 17 countries. The findings show that the top challenges for deploying and managing PKI remain constant: no clear ownership, insufficient resources and skills.
PKI implementation risk 1: Insufficient resources are hobbling security teams
As the economy continues to be relatively volatile, major technology companies are suffering from round after round of layoffs. With staffing resources constricted, qualified resources are at a premium. This combined with an acceleration of digital transformation and an explosion in the number of machine identities needed to support it, makes the challenge of insufficient resources top of mind for IT leaders. 64% of respondents cite this as one of their biggest challenges in enabling applications to use PKI.
PKI implementation risk 2: No clear ownership is a problem
How can an enterprise maintain control over their PKI without clear ownership? Someone or some entity must be made responsible. Of the top three challenges to enabling applications to use PKI, no clear ownership was reported by 52% of respondents.
There are also related concerns. Organizations also say that they have a lack of visibility of the applications that will depend on PKI. Organizations have an average of about eight applications which use PKI such as network authentication, VPN, device authentication and email. What can’t be seen can’t be kept secure! This all circles back to the base problem: the lack of clear ownership.
As far as PKI implementation challenges are concerned, an average of 52% cite insufficient skills. These sound like problems that can be solved with investments in training and increases in IT budgets.
However, only 33% of respondents say their PKI deployment faces too much change or uncertainty. Specific staff training programs could be part of the solution, as there is great value in workers learning about how to maintain and modify PKI to suit both current and future security needs.
PKI implementation risk 3: Moving PKI to the cloud is changing the rules
One of the top trends driving the deployment of applications that use PKI is the cloud. With 49% of the security perimeter having moved from the data center to more complex landscapes, IT leaders are faced with ensuring security without making compromises even though there are shortages of skills and resources.
66% of respondents believe that cloud-based services are the most important trend driving the deployment of applications that make use of PKI.
Secure PKI implementation usually requires visibility and control of all an organization’s Certificate Authorities. While 60% of respondents deploy enterprise PKI through internal corporate CAs, and 42% of respondents use externally hosted private CAs. A total of 28% of respondents use a public CA service, and 26% use a private CA running within a public cloud.
An organization may have a hybrid network that exists both in the cloud and on premises and some organizations have CAs from multiple sources. Organizations use an average of eight separate issuing CAs, with an average of eight distinct applications that need PKI. The lack of visibility that may result from this can have serious consequences! Cyber attackers may be able to easily bypass the encryption of your data.
While Ponemon Institute’s 2022 Global PKI Trends Study reveals some startling data, the good news is that these problems are fixable.
Your organization may benefit from a full overhaul of your PKI deployment. Whether it's further training, a larger budget, or greater visibility.
One solution your organization should strongly consider is PKI automation, which greatly simplifies certificate management and enhances the trust PKI creates between business and stakeholders.
Ready to get started? Learn more about how Venafi’s Zero Touch PKI will kickstart your organization’s digital transformation!
NOTE: This blog has been updated. It was originally posted by Kim Crawley on November 8, 2018.