Oct 5, 2018 9:48:16 AM

What is a Next-Gen PKI?

With cyber crime damage costs estimated to hit $6 trillion annually by 2021, there’s no doubt that cybersecurity continues to be one of the top concerns for IT departments in every industry. They’re constantly in search of more robust capabilities beyond what’s always been used. As cybersecurity has evolved, so have public key infrastructure (PKI) solutions. We’re now entering a new era of PKI that's focused on the long-term sustainability of certificates and devices across the enterprise.

Ted Shorter CSS PKI

In a recent interview Info Risk Today,  our CTO Ted Shorter shared his views about the growth of PKI and what the future holds for this type of security.

How We Got Here

PKI management has been used by businesses as a way to keep digital assets secure, but it hasn’t always looked how it does now. There’s been an evolution over the years, and we can outline its history in three phases:

  • Phase I: The first phase of PKI management came about in the early days of Internet certificates. At this time, companies wanted widely trusted certificates to secure their websites and ecommerce platforms, but there were only a few issuers creating them. Because of this, the cost for each certificate was very high.
  • Phase II: In the mid-2000s, companies began looking to secure devices and needed to apply user certificates on an enterprise level rather than worldwide. This enterprise approach gave them more control over the types of certificates used. With a greater variety of certificates available, companies needed a way to manage all of them. This led to the rise in PKI management solutions.
  • Phase III: This is the phase we’re entering now. With tens of billions of connected devices out there, the Internet of Things (IoT) has significantly changed the technology landscape. And, with IoT comes new security challenges because each device needs to be secured to protect the sensitive data it holds. Businesses must make secure device identity a priority, and certificates are the de-facto way to achieve this. PKI management in the IoT era needs to be capable of keeping devices secure for the entirety of their lifecycles, at an affordable cost.

Where Are We Going?

As the tech industry transitions to the next generation of PKI, solutions will need to adapt and evolve to meet IoT and enterprise security needs, including: Scalability: Because certificates are being adopted at a more rapid rate, businesses need systems that can track and manage them easily. As the number of certificates an organization owns increases, so does the security need. PKI solutions must have large capacities and expansive capabilities to truly cover an enterprise. This scalability also goes hand-in-hand with cryptoagility, or securing devices across their lifecycles.

  • Affordability: Economies of scale are a must for companies purchasing more and more certificates. This means new pricing and cost models that align with the budget constraints of most IT departments. The days of costly per-certificate fees are long gone, and PKI management no longer has to break the bank.
  • Automation: An automated approach optimizes PKI management throughout the enterprise and across IoT devices. Automation swaps out aging algorithms and ensures updated certificates are applied. For enterprises, it allows certificates to be re-used, saves administrators time, and enables cryptoagility.

Join the Next Generation

Certificate management is complex with lots of moving parts and administration that needs to be managed. If you want to take advantage of this next generation PKI, your best bet is to find an experienced partner to help guide you through it. Once you automate, you'll be able to move internal resources to other important initiatives that the business is looking to tackle.

Listen to Ted Shorter’s full interview with Info Risk Today here.