most organizations don’t actually know how many keys and certificates they have. Known certificates
            account for a small percentage of an organization’s overall inventory. As a result, unknown or rogue
            certificates create significant exposure to unexpected outages and downtime.

            Reason #5: Spreadsheets are a time-suck

            Organizations who have roughly 100 or more X.509 certificates and use manual processes typically need
            a  full-time,  dedicated  resource  to  manage  certificates  within  their  business.  In  most  organizations
            responsibility is juggled between several team members. This isn’t only a time-suck, it’s a budget drain,
            too - the reality is that IT and security resources are already spread thin. InfoSec teams juggle multiple
            responsibilities at any given time, which creates more room for error and oversight when it comes to
            certificate management.


            If you’re starting to reconsider the way you manage your digital certificates, consider these criteria:

               ●  Scale – do you have more than 100 digital certificates?
               ●  Complexity  -  do  you  use  multiple  certificate  authorities  (CAs),  network  devices  and  cloud
                   platforms?
               ●  Resources – does your staff spend too much time on certificate-related tasks rather than IT
                   priorities?
               ●  Outages – have you experienced certificate-related outages over the last two years?


            If you answered yes to any one of these criteria, you may want to consider certificate lifecycle automation
            to lessen the burden on your in-house team. An automated platform not only streamlines your certificate
            management process, it also monitors and reports on certificate status for compliance, saves time and
            mitigates  security  risks  posed  by  manual  processes.  And  with  the  number  of  choices  available,
            onboarding an automated platform is a lot easier than managing your digital certificate spreadsheets.



            About the Author


                                                 Ryan Sanders is a Toronto-based product lead with Keyfactor, a
                                                 leader in providing secure digital identity solutions for the Global
                                                 2000  Enterprises.  Ryan  has  a  passion  for  cybersecurity  and
                                                 actively  analyzes  the  latest  in  compliance  mandates,  market
                                                 trends,  and  industry  best  practices  related  to  public  key
                                                 infrastructure (PKI) and digital certificates. For more information
                                                 visit:  www.keyfactor.com  or  follow  @Keyfactor  on  Twitter  and
                                                 LinkedIn.










            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         102
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.