Public key infrastructure (PKI) is a system of processes, technologies, and policies for encrypting and signing data. It plays an essential role in authenticating users, servers, devices, software, and digital documents. Yet enterprises are struggling with the growing number of PKI certificates they must manage, and many are considering PKI automation to address this problem, according to a new DigiCert report.
The report, “State of PKI Automation 2021,” explores how organizations are handling the challenge of PKI certificate management. Expired certificates are a problem because they disable encryption and create an attack surface for hackers. DigiCert commissioned ReRez Research to survey IT leaders from 400 global organizations of 1,000 employees or more. The survey focused on specialists managing digital certificates for users, servers, and mobile devices.
The report revealed that today’s organizations manage more than 50,000 certificates, a steep upsurge from previous years. More than half (61 percent) are concerned about the time it takes to manage certificates. According to 37 percent of the respondents, their organization has three or more departments managing certificates, which creates silos that hide certificates from IT security teams until something goes wrong.
A lot of unmanaged keys are out there
A typical organization has as many as