Preparing for the Future of Digital Certificates
Digital certificates secure everything from devices to web pages, but only if they’re properly managed. Technologists who follow public key infrastructure (PKI) and IoT have identified two key trends that will have a broad impact on this market space. The first is that digital certificate lifespans continue to get shorter. The second is a massive uptick in the number of devices requiring a certificate. Both trends have implications on how we manage our IT resources and risk for our organizations.
Digital Certificate Lifespans Are Shrinking
For some highly secure applications and devices, the recommendation for certificate lifetime can be as short as 30 days. 30 days! This means you barely tear off the page on your Legends of Silicon Valley desk calendar before it is time to motivate yourself to get another certificate. (Inner you: What would Steve Jobs do?) Digital certificates have always had expiration dates, but combine the sheer number of IoT devices being issued (21.5 billion by 2025 according to Statista) with their shortened lifespans and you have an IT challenge of magnificent proportions!
And it’s not just publicly trusted browser certificates. Private PKI is also falling in line around the short-lived digital certificate. True, some IoT devices are set-it-and-forget-it: issue a certificate once, and the device is set for its functional lifetime of 3-5 years. But other IoT devices, like security cameras and door sensors, may require shorter-length lifetime certificates. This is not the area to skimp on security.
Lifecycle Management Without Headaches
These trends are already taxing IT resources. Most organizations do not have the financial resources to have dedicated IT teams managing the lifecycle of these certs. Meanwhile, expired certificates aren’t just security liabilities (although the security implications of running systems with expired certificates should not be ignored). Outages caused by expired certificates are a potential source of reputational damage, customer frustration or even lost business for organizations of all sizes, across sectors. You get the picture.
The remedy? Digital certificate lifecycle management. Sure, today you might only need a few dozen certs that you feel like you can manage from a spreadsheet, but that process does not scale. Securing your enterprise networks, IT systems and IoT devices with PKI doesn’t have to be difficult. You just need the right tools to manage the process. A digital certificate management platform helps you keep up with the growing and changing nature of your business, while also preventing outages from human error. Users can manage their entire certificate portfolio from a single portal to instantly enroll, approve, issue, revoke and renew certificates.
Our HydrantID Account Certificate Manager (ACM) allows security administrators to eliminate manual processes for tracking, installing and renewing public (TLS/SSL) or private trust digital certificates. Administrators can automate certificate management through ACMEv2, SCEP, EST and Microsoft auto-enrollment protocols.
Get the latest blogs on identity and access management delivered straight to your inbox.
Mrugesh Chandarana is a Senior Product Manager, in Identity and Access Management Solutions at HID Global, where he focuses on IoT and PKI solutions. He has more than ten years of cybersecurity industry experience in areas such as risk management, threat and vulnerability management, application security and PKI. He has held product management positions at RiskSense, WhiteHat Security (acquired by NTT Security), and RiskVision (acquired by Resolver, Inc.).