Public key infrastructure (PKI) is a core building block of IT in an enterprise, providing secure digital identities for people, devices, and applications. Many organizations build and deploy their own PKI to support things like data protection and network authentication. Furthermore, PKI today is expected to support new use cases like the Internet of Things (IoT), DevOps and Cloud initiatives. But, if PKI is so critical to enterprise security, then why do so many PKI deployments fail?
Deploying and running a PKI in-house can be a complex undertaking for even the most experienced IT and security professionals. Unlike other tools in the IT stack, it’s not just about technology. PKI is a set of moving parts including hardware, software, policies, and procedures. And there is no room for error. Mistakes made during PKI design and deployment not only create headaches for administrators and certificate users, but they also significantly increase the risk of a widespread outage or security breach. We frequently run into scenarios where complex PKI deployments are inherited by a new IT specialist unfamiliar with PKI; sometimes it’s a ‘temporary’ deployment that went wrong. Other times, it’s simply a matter of maintenance and operational overhead taking critical IT and security resources away from their core competencies.