Innovate. Accelerate. Win.
September 18-19 | Las Vegas and Virtual
#MIMSummit2023 is the frontier for unstoppable innovation. The gathering ground for security leaders looking to redefine what’s possible. The must-see industry event of 2023. Register today and save with special Early Bird rates!
Wasn’t it only yesterday we were flipping out over Halloween and all those frightening certificate outage stories associated with it? Now, as I anticipate Thanksgiving, I couldn’t be more thankful. Most of my gratitude revolves around the obscene amounts of food that awaits me, but I also am grateful to be part of an effort that has helped organizations in so many industries end their problems with certificate outages. In other words, not worrying about your machine identities hopefully gives you extra time to be thankful for the more important things in life—because really, no one wants to get an outage call on a holiday.
And what better time to discuss a few of the great things the Venafi platform and our excellent tech specialists have done to help our customers with outages? I realize this post could come off as a little self-congratulatory, but Venafi not only came into being to solve this seemingly intractable problem, we recently introduced our turnkey solution No Outages Guarantee VIA Venafi to ensure your organization no longer gets hit with any scary outages or outages that shake you to your foundation.
So, when you read the all-too-real outage stories that follow—ones that helped us define our new offering—know that we can help you, too!
Getting to the Root Certificate Authority (CA)
A few Novembers ago, a large tech customer of ours accidentally deleted their offline root CA, leaving them with no internal PKI. The PKI team leader was beside himself—there he was, just days from the fourth Thursday in November, and he was facing having to stand up a new root CA and then renew all of their internal certificates. His Thanksgiving plans looked to be shot, as well as those for the Christmas holiday, given that fixing such a problem normally is a three-month job.
Fortunately, he was a Venafi customer, and after that moment of horror (wait, what holiday is this?), we helped him install a new CA and then, with the help of our platform, point to the new CA and renew all of those internal certificates.
Instead of taking three months, the process took only three days working around the clock. And merrily, he and his team were able to complete the process with enough time left over to keep their Thanksgiving plans.
Overcoming certificate sprawl in time for the holidays
Imagine you’re a bank with thousands of customers—and those customers include companies that are readying for the biggest retail season of the year. And you start experiencing a flurry of outages—on your websites and business applications—because of unplanned expirations of SSL/TLS certificates. To make things worse, your IT team lacks a map or any other means to track the locations of their internal and external certificates. You are freaking out because you have no way to predict expirations and therefore, subsequent outages from happening.
Fortunately, this bank’s CISO, knowing she needed to prevent further outages before Black Friday commenced, selected Venafi as the bank’s machine identity protection partner to help stop their outages. Venafi scanned 100 percent of their IT environment doing discoveries of previously unknown certificates. As a result, the bank not only found their expiring certificates, they learned of thousands of previously undiscovered certificates that were deployed throughout their environment.
With their machine identities secured and protected, they haven’t suffered any more certificate outages. Moving forward, this bank is further automating their certificate lifecycle to reduce costs and enable agile business initiatives, while still effectively managing machine identities.
Paying it forward
It’s fitting that my last Thanksgiving story revolves around a popular brick-and-mortar retail customer that has—like most retailers in the 21st century—a digital storefront. During back-to-school season, the retailer experienced an outage that prevented them from processing credit card transactions. Shoppers buying everything from laptops and tablets to old school Pee-Chee folders and BIC Cristal ballpoint pens were forced to call a customer service number if they wanted to pay for the items in their shopping carts. And more often than not, they abandoned their carts, causing the retailer to lose millions of dollars of sales.
After three days of Venafi-assisted troubleshooting, the retailer discovered an expired client authentication certificate that prevented verification of the retailer’s software to the payment card provider service. Before Venafi, our customer didn’t even know a certificate was involved in the payment card transaction process because whoever did the original installation and configuration was long gone.
Happily, the Venafi Trust Protection Platform gave this retailer visibility into that certificate, as well as the tools to renew it, to prevent further interruptions of payments. And you can rest assured their Black Friday sale went off without a hitch.
Be thankful. Venafi can help.
Writing this post made me realize that, at least where certificate outages are concerned, it’s better to be thankful than frightened. In this way, it makes sense from a dramatic perspective that Thanksgiving, a holiday with “thanks” in its name, is the perfect holiday to follow Halloween. Outages are scary for so many reasons, but they no longer have to loom as large in your fears. As I mentioned in my introduction, our No Outages Guarantee VIA Venafi can help your organization end certificate outages and let you enjoy your Thanksgiving holiday in joy and peace. Contact us directly, either before or after the holiday, to learn more.
In the meantime, want to share any certificate outage near misses you’re thankful to have sidestepped? Let us know in the comments or on Twitter!
Watch how Venafi assures some of the largest companies in the world a No Outages Guarantee. Learn more, here.