sb-eu logo
Story image

Four Major Misunderstandings about public key infrastructure (PKI)

21 May 2018

There’s a misconception that public key infrastructure (PKI) is dead. While some circles believe we’ve grown beyond it, the reality is actually quite the opposite. PKI is not only still relevant, it will become more crucial in the future.

This is especially true as we explore more ways to manage and secure communications across an exploding number of new machines and applications.

Overall, it’s frustrating that PKI has been getting criticised for a while now, and it’s time someone set the record straight. Here are four major misunderstandings about PKI and why it’s needed for our future security:

#1: PKI technology is too old

Simply put, there is not a suitable replacement for PKI. As we adopt more cloud and DevOps infrastructure, we need PKI more than ever. Cloud and DevOps technologies use large numbers of certificates that are needed for short periods of time.

Only PKI can authenticate these certificates effectively and verify that data hasn’t been changed. Plus, it only costs a few cents. No one has been able to develop an alternative that offers these benefits.

#2: PKI is too complicated

Some people believe that PKI is incredibly complex. However, it’s often the management of PKI assets—keys and certificates—that’s causing the real pain. As a result, certificate issues can arise and take up large amounts of scarce, highly skilled resources.

You can avoid nearly all of these difficulties by simplifying PKI via automation of the management and workflow of the certificate life cycle. And don’t worry; this isn’t nearly as difficult as it seems.

#3: PKI is a back-office support technology

PKI was created for a specific purpose, and then it kind of went dormant for a while. “PKI 2.0” started about four or five years ago. That’s when certificates started being used on smart cards and other devices to identify humans as well as machines. Now our networks are exploding with machines that need unique identities. And PKI is still the only effective way you can tame, authenticate and protect all of these machines.

#4: PKI is an administrative tool

Executives often perceive PKI costs as unnecessary. But unmanaged machine identities can seriously impact your organisation. If a certificate and its corresponding keys are stolen, attackers can use them to feign trust. Once they’ve done this, they can move around inside your network completely undetected and do all kinds of malicious things. On the positive side, effective PKI management will alleviate these dangers.

So, what’s next for PKI?

Ultimately, PKI management is going to become a more critical component. The explosion of machines means that we’re putting a substantial number of keys and certificates on our networks. If you’re not consistently managing PKI, then you could be the victim of an attack by bad actors targeting keys and certificates.

As it is the foundation of all secure internet transactions, make PKI your best friend, not your worst enemy. It’s here for the long haul.

Click here to find out how Venafi can help you secure your PKIs.

Article by Venafi's regional director of Asia Pacific, Terrie Anderson.

Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More
Story image
Cryptomining trojan malware discovered by ESET researchers
The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.More
Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More