The cost of expired certificates

  • SSS – IAM Team
  • Nov 16, 2017

Certificates.  What are certificates?  Why use them?

A Certificate is a digitally signed statement. It is commonly used for authentication and to secure information on open networks.  The scope for which certificates are being used is expanding to devices, people and things.  However, certificates don’t last forever, they are not a ’set and forget’ technology.  Depending on the size of your business, just keeping track of your certificates can be a full-time job.  Expired or forgotten certificates can have detrimental and costly effects on a business.

Unwanted and unexpected outages caused by expired certificates often cause significant financial losses and damage to company reputation.

A study of 2,400 global 5000 companies showed that an unplanned outage due to a certificate expiring can cost these large organisations on average around $15M for each event, and on average, they have one such event a year! Whilst the average cost to recover may be significantly less in New Zealand, we are not immune, and many businesses out there have stories of high impact outages caused by expired certificates.

When organisations’ entire customer facing business-platforms suffer from prolonged outages it could cost tens of thousands in recovery, hundreds of thousands in lost revenue and an immeasurable loss in credibility. Certificates are often not the first place response staff think to look. The same certificate can be applied across multiple systems meaning that the impact is exaggerated.

As companies become more reliant on certificates to secure communications and user and device authentication, in order to avoid unplanned outages they need to implement a key lifecycle management plan that includes regular audits and policies around certificate ownership within the organisation.

Thankfully there are tools available to help with certificate management and to help organisations pro-actively manage their certificate lifecycle.  According to Gartner, ‘by 2019, organisations that leverage certificate management tools will suffer 60% less certificate-related issues’.

Certificate management tools offer great benefits such as improving visibility and control as well as allowing automation of the entire renewal process.  This means your certificates could be replaced within seconds and the built-in validation will reassure you that your certificates are installed, working, current and protecting your organisational assets.

Another great feature these tools can offer is the ability to scan your internal network.  This enables you to discover every certificate in use and detail important certificate details such as the expiry date, owner and issuing Certificate Authority.

The tool that SSS chooses to represent is Venafi. Venafi is committed to help leaders secure and protect machine identities.    This solution will:

  • identify device and user identity weaknesses and automatically take corrective actions,
  • continuously monitor keys and certificates for expiry,
  • enforce key and certificate policies to prevent expiry,
  • provide dynamic identity protection across an extended infrastructure in one trust platform.

Click here to read more about the Venafi Trusted Protection Platform.

SSS is proud to be a partner of Venafi.   Contact us to discuss how Venafi can help you automate and manage your certificate management process.