Managing the costs of manual certificate management

Tim Callan at Sectigo talks to Business Reporter about the high costs of manual certificate management and how to avoid them

Business Reporter: When it comes to certificate management, how are businesses exposing themselves to risks?

Tim Callan: Manual certificate management is creating huge risks within enterprise security. It’s common knowledge that managing certificates by hand (or spreadsheet) is rife with pitfalls – many of which you won’t see coming until it’s too late. The bottom line is, businesses cannot afford to risk having certificates expire, and could experience a world of hurt if they are not up-to-date and accurate. Despite this, many continue to rely on archaic processes that increase risk exposure and add significantly more administrative effort and cost to maintain.

BR: How does manual certificate management lead to errors?

TC: Unfortunately,  due to the plethora of certificates that have to be managed across modern organisations, even the most dedicated administrators can make mistakes. However, a simple mistake can lead to massive consequences, making enterprises vulnerable to criminal activity and fraud, negative customer experiences, and compliance risks.

Suppose a server’s certificate expires and causes just one hour of downtime on an eCommerce website. The cumulative costs could amount to hundreds to millions of dollars, lost customers, and a tarnished brand image.

These days, especially as there are more remote workers than ever before, and network environments are far bigger than one touchpoint. Thismay include VPNs, cloud infrastructure, DevOps, mobile devices, Internet of Things, and more. As environments grow in complexity,  the financial risks of failing to manage PKI certificates  are increasing effectively.

BR: So, what’s the best alternative?

TC: To reduce the high costs of manual certificate management, it’s critical to address the root of the problem: human error. A cloud-based, automated system not only gives your organization speed and accuracy but also gives you peace of mind that your organization will avoid substantial damage. Technology that helps automate online trust has been around longer than you might think, making automated certificate management a time-tested, solid solution.

Instead of manual processes, you can turn to protocols such as Simple Certificate Enrollment Protocol (SCEP) and Enrollment over Secure Transport (EST), which is considered the evolution of SCEP because it uses standard TLS, and Automated Certificate Management Environment (ACME), which is a newer protocol. The ACME protocol is gaining popularity as an open-source solution, bringing down the Certificate Lifecycle Management (CLM) total cost of ownership.

With automated certificate management, the time to deploy that SSL certificate is slashed from 2 hours to seconds and can be applied at scale to the hundreds, thousands, and tens of thousands of PKI certificates that enterprises need to manage.

BR: What’s the bottom line for businesses?

TC: All certificates expire and must be renewed. It’s a routine cycle. A myriad of problems, from server downtime to massive hacks occur as a result of unnoticed certificate expirations. It’s a problem businesses simply can’t afford. That’s why manual certificate management represents more risk than organizations can tolerate, with damage potential too substantial to ignore.

Don’t let your organization fall victim to a process that can be easily automated. Automated CLM removes the potential for human error, and should be part of your security investment. Remember– the most effective security investment is security that is both easily deployed and easily used by employees.


Tim Callan is Chief Compliance Officer at Sectigo

Main image courtesy of iStockPhoto.com

Business Reporter

Business Reporter

© Business Reporter 2021

Top Articles

Digital Economy and Improving Business Performance January 2022

Visionaries see the potential of revolutionary technologies before most of us even notice that they have emerged. Pragmatists work doggedly…

Modernising management: how digital strategy improves transparency and efficiency

The digital age is transforming the way leaders manage their businesses and serve their clients.

Solving today’s biggest enterprise cloud challenges

Close to 75 per cent of US companies now rely on public cloud platforms, and according to AHEAD’s research

Related Articles

Register for our newsletter