It was reported this morning that when some users noticed on Tuesday that when they tried to access LinkedIn from their desktop or laptop computer they were greeted by an alert that said the connection was not secure. It turned out that the company had forgotten to renew the TLS certificate for its lnkd.in URL shortener. The company quickly took action after being notified. The new certificate is valid until May 2021:  

Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi: 

“Certificates control communication and authentication between machines so it’s critically important not to let them expire unexpectedly. Unfortunately, most organizations don’t even have a clear understanding of how many certificates are in use or which devices are using them; so they definitely don’t have a clear idea of when they will expire. 

This lack of comprehensive visibility and intelligence routinely leads to certificate-related outages; this is not a unique occurrence. Ultimately, companies must get control of all of their certificates; otherwise, it’s only a matter of time until one expires unexpectedly and causes a debilitating outage.” 

 

 

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.