Over the last couple of decades, PKI has grown – both in its application and its overall footprint within our global lives. What has been used to secure websites, networks, and VPNs, has evolved to meet the demands of newer use cases like IoT and DevOps. And while the traditional use cases are still the top applications for PKI, it’s the new ones that are driving increased adoption. They’re also adding complexity and increasing demand on security environments. From this, a couple of things have happened:
In the 2020 Ponemon PKI & IoT Trends Study, organizations we’re asked what their challenges were when it comes to enabling applications to utilize PKI. Coming in at #1 (and skyrocketing up 16% from last year) was lack of knowledge/visibility of their PKIs security capabilities. How does this happen? A few things could be at play here: it could be legacy PKI where the person who set it up – perhaps decades ago – is no longer with the organization, or equipment and algorithms could be reaching end of life. Why does this matter? It makes it challenging for organizations to maintain their security posture and infrastructure as they have in the past.
The challenges to enable applications to utilize PKI
Source: 2020 PKI and IoT Trends Study
But that’s not the only challenge when it comes to maintaining security posture. That leads us to…
Lack of internal skills and resources
In that same Ponemon Study, the top 3 challenges in deploying and managing PKI we’re identified as: no clear ownership and insufficient skills and resources. That could further explain some of why organizations don’t know their PKI’s security capabilities. So what about when these new – and more complex – use cases arise? The previous answer to diversification and scale was to add another CA. More CAs but lack of skills and resources? That creates a huge management and maintenance issue.
So what does this all translate to? When it comes to PKI, organizations need:
- Simple – managed components and turnkey approaches to use cases
- Scalable – the ability to scale out and drive capacity on demand
- Speed – deploys quickly and doesn’t block business
- Secure – assurance in your security posture and that your environment is secure
At Entrust, we understand customers need a PKI that can meet the demands of modern business and run where they do business – the cloud! And that’s exactly why we developed our latest PKI platform – PKI as a Service. The result of 25 years of expertise and innovation, PKI as a Service secures use cases through turnkey approaches, solving customer problems while making it straight forward and simple for them to consume.
PKI as a Service is not only a continuum of our world leading high assurance PKI solutions, but also part of our wider Entrust-as-a-Service offerings – all helping customers secure the people, systems, and things with turnkey cloud solutions that are easy to consume and backed by the digital security.