Enterprises increase reliance on public key infrastructures
A new report released by data protection company Thales and the Ponemon Institute shows that the use of cloud services and the IoT has led to greater dependence on public key infrastructures (PKIs) in today's businesses.
The survey of more than 5,000 companies across 11 countries shows that PKIs -- used to create, distribute, store, and revoke digital certificates and manage public-key encryption -- are increasingly relied on to support applications.
On average PKIs support eight different applications within a business, up one from 2015, but in the United States the number is up by three applications.
Cloud-based services are seen as the most important trend driving the deployment of applications using PKI by 62 percent of respondents, (up from 50 percent in 2015) and 28 percent say the IoT will drive this deployment. The biggest challenge organizations face, cited by 58 percent, surrounds the inability of their existing PKIs to support new applications.
Security is a major concern and a high percentage of respondents continue to report that they have no certificate revocation techniques. The use of high assurance mechanisms such as hardware security modules (HSMs) to secure PKI has increased though. The main places where HSMs are deployed to secure PKIs are for the most critical root and issuing certificate authority private keys together with offline and online root certificate authorities.
"An increasing number of today's enterprise applications are in need of digital certificate issuance services -- and many PKIs are not equipped to support them," John Grimm, senior director security strategy at Thales e-Security says. "A PKI needs a strong root of trust to be fit for purpose if it is to support the growing dependency and business criticality of its services. By securing the process of issuing certificates and managing signing keys in an HSM, organizations can greatly reduce the risk of their loss or theft, thereby creating a high assurance foundation for digital security. Thales has decades of experience providing HSM-based PKI solutions and services that help organizations deploy world-class PKIs and trusted infrastructures".
The full report is available to download from the Thales website where you can also register for a live webcast to discuss the findings on October 12th.