We’re scouring the globe for INFOSEC companies you may have never heard of, or that you have heard of but weren’t quite sure who they are and what they do. When it comes to very cool INFOSEC companies, Venafi is a fit. Here’s why: as you know, we strongly believe that the more encryption you use, the better. As you might recall from Dave Porcello’s article last month about Data Exfiltration – whereby “loose lips sink ships” – we can clearly see that encryption of mission critical data is as important as system hardening.
While there are numerous types of X.509 certificates (e.g., SSL certificates), used throughout typical IT infrastructures as the de-facto credential to authenticate devices to the network and to other devices and help initiate encrypted conversations and transactions, the management of these certificates has become a key requirement for both IT Security Best Practices and in Regulatory Compliance.
Today, due to increased data protection requirements (government and industry regulations) and security best practices, there has been a surge in certificate inventories, which require regular maintenance. Failure to properly maintain these encryption assets can result in crippling system downtime, data breaches, and non-compliance, costing organizations millions of dollars.
Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise-class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the datacenter to the cloud and beyond—built specifically for encryption management interoperability across heterogeneous environments.
Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at:
Certificates and private keys play a critical role in securing data and systems across all types of organizations.
According to Venafi, the following table shows some of the challenges that can arise when dealing with the most important part of your encryption technology, your certificates and private keys:
Downtime and System Outages:
Certificates that are not renewed and replaced before they expire can cause serious downtime and outages.
Private Key Compromise:
Private keys used with certificates must be kept secure or unauthorized individuals can intercept confidential communications or gain unauthorized access to critical systems.
Regulations and requirements (like PCI-DSS) are requiring much more stringent security and management of cryptographic keys and auditors are increasingly reviewing the management controls and processes in use.
High Administrative Costs:
The average certificate and private key require four hours per year to manage, taking administrators away from more important tasks and costing many organizations hundreds of thousands of dollars per year.
Large Scale Compromises:
If a certificate authority is compromised or an encryption algorithm is broken, organizations must be prepared to replace all of their certificates and keys in a matter of hours.
Unable to Scale Encryption:
The rollout of new projects and business applications is hindered because of the inability to deploy and manage encryption to support the security requirements of those projects.
Depending on the environment where keys and certificates are being deployed, some or all of these risks may apply. When considering implementing EKCM best practices, it helps to understand which of these risks apply to your organization. By prioritizing them and clearly communicating the importance of addressing them in your organization, you can accelerate the implementation and adoption of best practices, since all stakeholders will understand the tangible value to your organization.
As cybercriminals have become more skilled and sophisticated, the effectiveness of traditional perimeter-based security controls has eroded. This is why encryption has become a strategic cornerstone for security and risk management.
As we learn more about Enterprise Key and Certificate Management (EKCM) solutions, we have to ask ourselves the following questions:
• Why should valuable data be encrypted to remove the hacker’s threat?
• Why is key management the most important component of your enterprise encryption strategy?
• How do the world’s leading, Fortune-ranked organizations address key management?
• What are best practices and standards for managing encryption keys across your infrastructure (data center, cloud, mobile)?
• What should your next steps be for security and compliance risk reduction?
To answer these questions, we at Cyber Defense Magazine believe you should take advantage of a valuable on-demand webinar, provided at no charge to you by Venafi. Take the time to view this valuable webinar and learn how to protect your data from cybercriminals and your organization from the risk of failed security audits.
As an added bonus, when you follow the link (below) and sign up for the on-demand webinar, you’ll also receive access to a new Forrester research report from John Kindervag, Principal Security and Risk Analyst, “Kill Your Data to Protect it From Cybercriminals”, a $300 value, at no charge to you.
To view this ON-DEMAND webinar, please click here.
(Sources: CDM and Venafi)
Copyright (C) 2012-2013, Cyber Defense Magazine, a division of S.G. Samuels Publishing LLC