“Encrypt everything” is now a prime directive on the Internet. That’s generally good advice, but setting up effective encryption isn’t as simple as flipping a switch. Managing the public and private keys and digital certificates that are essential to robust security takes careful planning and constant vigilance. This isn’t a set-it-and-forget-it operation; digital certificates are valuable assets, and a moment’s carelessness can be catastrophic to your business.
Managing encryption on a business network starts with choosing the right digital certificate and installing it properly. When that task is accomplished correctly, anyone using the encrypted service can be assured that they’ve reached the correct endpoint and that any data exchanged can’t be intercepted by a would-be data thief.
Unfortunately, too many businesses fail at that essential task, as a 2019 study by the global security firm Venafi confirmed. In the survey of 550 CIOs from the U.S. and Western Europe, Venafi found that nearly three out of four organizations had experienced one or more certificate-related outages that disrupted critical business applications or services over the previous two years.
That’s not surprising, given the sheer number of digital certificates in use by large businesses today. A 2020 study by digital certificate giant Entrust found that organizations large enough to have their own internal certificate authorities manage an average of 56,192 internal or externally acquired certificates.
What can go wrong? Let’s count the ways.
The most basic error is choosing the wrong certificate type. For a personal website, a free certificate from a company like LetsEncrypt is adequate, but a business website needs the support and extended capabilities that only come with a certificate from a top-tier company. Even worse is using a self-signed certificate, which might be adequate for testing purposes but should never be deployed in production.
For regulated industries like healthcare, using the wrong type of certificate can lead to regulatory consequences as well.
And even a state-of-the-art certificate comes with an expiration date. If you forget to renew a certificate, your service breaks. When that happened to global networking giant Ericsson in 2018, the result was a network outage that affected tens of millions of mobile phone customers in the U.K. and Japan. Even giants like Microsoft aren’t immune to this kind of mistake: global outages to the Microsoft Teams software in 2020 and the Microsoft Exchange Admin Portal in 2021 were traced back to expired certificates.
Even the most cautious administrator probably wouldn’t think twice about installing a utility that was digitally signed by a trusted company.
But the nightmare scenario for any business is that its private key becomes compromised, with an attacker gaining the ability to digitally sign malware or intercept communications using a certificate that is trusted by nearly every computing device in the world.
That happened to the email security provider Mimecast in early 2021, when the company reported that hackers had compromised a digital certificate used to encrypt communication between its customers’ sites and Microsoft’s Office 365 Exchange web servers. The attacks were apparently targeted at specific customers, but the burden of cleaning up the mess and worrying about what sort of confidential information had been stolen fell on every customer. In a separate attack in 2018, several Taiwanese companies had their private keys stolen. In one case, a certificate that belonged to D-Link, a global supplier of networking hardware, was used to digitally sign malware that surreptitiously installed a backdoor on computers where the software was installed. Even the most cautious administrator probably wouldn’t think twice about installing a utility that was digitally signed by a trusted company.
How do you avoid adding your company’s name to the list of certificate-related failures? Experts advise adopting a set of best practices that reduce the risk of unpleasant surprises.
For starters, you need a strict inventory of every certificate issued by or for your organization’s Certificate Authority. Those assets are every bit as valuable as the hardware on which they’re installed, and being able to quickly run reports is key to avoiding certificate-related security issues.
Running regular certificate audits to compare the certificates in the inventory to those that have been deployed. That precaution allows you to quickly determine whether an unmanaged certificate has snuck onto your network, whether it’s from a rogue employee or an outside attacker.
Even a short outage caused by an expired certificate can cause millions of dollars in damages.
It’s crucial to create a management structure in which every certificate has an owner and processes are in place to seamlessly transfer that ownership if an employee leaves. Even a short outage caused by an expired certificate can cause millions of dollars in damages and incalculable damage to a company’s reputation. The worst time to find out that a certificate expired without warning is when angry customers begin calling your support lines.
Set up the proper security infrastructure for acquiring, deploying, and renewing certificates. A hardware security module is the best way to prevent a private key from being compromised and misused. HSMs are physical devices that use secure cryptoprocessor chips to prevent tampering; they manage digital keys & encrypt and decrypt digital signatures.
Finally, set up notifications and reports so that multiple teams have ample notice of certificate expirations well in advance and can identify potential issues while there’s still time to prevent potential damage.
Digital certificates are a key element for effective cybersecurity, but managing them properly takes dedicated, focused work. Make sure your business avoids the catastrophe that can follow carelessness.