This blog looks at SSL automation, a recent survey from Digicert and what’s required to reduce the pressure on limited IT resources. Credit: The SSL Store’s blog; 4 Takeaways from DigiCert’s 2021 PKI Automation Study
Manually managing the SSLs at scale within large businesses simply isn’t feasible. Some enterprises have very large certificates and given the recent renewal update (every year) managing SSLs can equates to several resources focussing full time on the digital certificate function. A recent DigiCert’s survey data showed:
- 61% of surveyed enterprises worry about the time requirements of certificate management.
- The number of PKI certificates that enterprises need to manage increased by 43%.
- Enterprises can manage more than 50,000 certificates within their environments!
Based on this number, it means you’d have to track and manage an average of nearly 137 certificates per day. Needless to say, that’s a recipe for disaster that worsens when you also consider the management of the cryptographic keys that accompany each digital certificate.
- Data from a 2020 Keyfactor report shows that organizations say they have upwards of 88,750 certificates and keys within their environments. (That’s an average of 243 certificates and keys per day that you and/or your team would have to manage.)
- Another Keyfactor report indicates that more than half (53%) of respondents say they have no clue how many of these assets they have. (This estimate includes self-signed certificates as well.)
Growth of a business leads to increased SSL issues
DigiCert’s 2021 report data shows that as organisations grow, their struggles to manage certificates (and their PKI workloads overall) grow with them:
- Two in three enterprises have experienced outages due to expired certificates.
- 25% reported having up to six PKI-related outages in the previous six months.
That’s a lot of outages to have in such a relatively brief period. For obvious reasons, this can have a devastating effect on your brand.
Let’s compare this to going to eat at your favourite restaurant. How would you feel if the restaurant’s staff frequently screw up your order and provide poor service frequently when you visit? It would be a horrible experience for you and would likely ruin your trust and faith in that brand. Needless to say, that restaurant wouldn’t remain your favourite for long.
What You Can Do to Mitigate This Issue – Automate SSL
Using a certificate management platform that offers certificate automation is a great way to handle many of the issues you’ll face in terms of improving security. Automation should be used wherever possible for the enrollment, installation, monitoring, and replacement of certificates or justification should be provided for continuing to use manual methods that may cause operational security risks.
In addition to decreasing cyber security risks, PKI automation also helps you streamline processes to increase efficiency and free up your employees to work on other critical tasks.
The determining factors largely depend on the size of your business, the number of certificates you have, and weighing up the functional costs of manually administering SSLs versus the cost of implementing and maintaining a PKI solution.
How to Automate SSL?
The first step to SSL automation is to talk to the experts who can offer multiple PKI platforms depending on your SSL preferences. Scoping out the requirements – resources and costs will help determine the value versus effort. brandsec can assist with this process and leverage our partners, such as the SSL Store, to optimize implementation.
brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.