Experts Reaction On Microsoft Teams Suffers Major Worldwide Outage Due To Expire Certificate

By   ISBuzz Team
Writer , Information Security Buzz | Feb 04, 2020 03:13 am PST

Microsoft Teams has suffered a major worldwide outage due to an expired digital certificate. People have taken to Twitter to complain, while others are taking the opportunity to point out the awkward reality that Microsoft is itself a certificate authority while highlighting that it is a totally avoidable issue.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Ted Shorter
Ted Shorter , CTO
February 5, 2020 12:37 pm

It’s not the certificates you know about that will cause your next outage – it’s the ones you don’t. Ignoring certain certificate types or sources within your organization creates a massive blind spot in which enterprise-critical certs can sit undetected and unseen – until they cause a problem. Even one single certificate can cause a lot of damage.

Managing PKI pre-cloud, DevOps and IoT was a simpler exercise. Network connections across people, applications and devices are constantly multiplying, creating an exposure epidemic that opens up new security risk, unchecked vulnerabilities and a broader attack surface. If Microsoft is having challenges managing their certificates imagine what that situation is like with smaller enterprises who lack the same level of resources and security maturity.

Last edited 4 years ago by Ted Shorter
Kevin Bocek
Kevin Bocek , VP Security Strategy & Threat Intelligence
February 4, 2020 11:17 am

Microsoft is experiencing something that happens every day to Global 5000 businesses. Certificates can take weeks to renew and mistakes are often made. These mistakes can cause a service or application to go down for hours, days, and, in some cases, even longer. This is not a unique occurrence, and unfortunately Microsoft Azure and LinkedIn have experienced outages due to expired certificates in the past.

The main issue is that certificates act as authenticators for machines, they authorise machine-to-machine connections and communications. Keys and certificates serve as machine identities and they are critical to making today’s global economy work. When they expire, business stops.

The problem is that most businesses and government agencies companies are using thousands of certificates but they don’t have the insight.

Last edited 4 years ago by Kevin Bocek

Recent Posts

Would love your thoughts, please comment.x