PKI 12-28-2020

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure


Public Key Infrastructure (PKI) is everywhere.

It's the invisible safety net we place behind information, people and devices on the internet. We rely on cryptographic keys and the certificates associated with them to keep our data private and secure.

One of the most widespread use cases of PKI is in the TLS/SSL protocol, which secures almost every single encrypted HTTPS communication you can think of: browsing social media websites, reading the news, online shopping.

Indeed, more than 80% of websites are protected by HTTPS-encrypted communication, so you use them every day. This means that website TLS certificates are the most widely used PKI certificates.

But PKI is much broader than everyday internet traffic and communications. In fact, when you dig a little deeper, you'll discover that PKI is often used for other applications, devices and major portions of our digital lives.

With that in mind, let's take a look at three surprising use cases of PKI.

1. Digital signatures

“Wet signatures” — written with ink on paper — come with plenty of downsides.

After all, sending off a physically signed contract for approval can take a lot of time. And as we all know, the longer something takes, the more frustrating it can be.

Legally binding documents may require in-person signing or signing before a witness or notary, so delay is not the only factor. With the coronavirus pandemic, face-to-face signings carry health risks, too.

Using digital-signature technology speeds up the signing and approval of important documents — for example, when people sign contracts for new services. You may have already seen this with online services or signing a PDF document.

But if you're looking to use digital signing in your business, you need to be sure that the digital signature is genuine, the document hasn't been tampered with and that nobody can see it without permission. That's a job for a digital certificate and the PKI that makes it possible.

To make things easier for your business, try to use a document signing platform that allows people to:

  • establish document authorship
  • ensure data/content integrity
  • manage certificates and signings at scale
  • confirm the identity of the sender

2. Encrypted and authenticated email communications

Email is one of the most popular forms of communication. But for some organizations, it can pose a huge data security risk. In fact, 22% of all business breaches involve email phishing.

PKI allows senders to sign their emails, just as it supports document signing. This means that you can send encrypted and authenticated emails, keeping the contents private, but your recipients can verify that it came from you.

Without the right end-to-end encryption and appropriate security, sensitive personal information could leak outside of your business during transit. Fall foul of regulations like the EU's GDPR or California's CCPA and the costs can be very high — up to 4% of global revenue, in the case of GDPR.

This is where PKI can add an extra layer of consistent, watertight protection and authentication. As an example, the U.S. federal government harnesses a Federal PKI that authenticates users, proves authorship and protects emails during their transit to national and international agencies. This means sensitive information, including emails with attachments, can be sent securely, without tampering and in compliance with federal regulations.

If you'd like to replicate email encryption and digital signing within your organization, here are some useful tips to stay secure efficiently:

  • Adopt a corporate policy for email signing digital signing for email
  • Centralize your email certificate management and deployment in one integrated portal (this saves time and will mean nothing goes amiss!)
  • Use pre-configured email certificates wherever possible
  • Adopt a tool that automates PKI deployment

3. Physical and virtual smart card authentication

Secure, chip-based systems are becoming more and more present across both B2B and B2C businesses alike. From electronic ID authentication in the public sector, to cards that verify employee ticket requests and payments across industries, there are many use cases for smart cards.

One such industry that will benefit from the technology is the healthcare sector.

The U.S. healthcare industry experienced 510 breaches in 2019, all of which involved 500 or more records. That's the equivalent of 1.4 breaches per day.

With so much sensitive data going in and out of hospitals on a daily basis, it's essential the healthcare industry scraps hackable passwords and adopts a more reliable method. This is where smart cards come into play. These smart cards can:

  • reduce data breaches and fraud
  • provide better data capture
  • place authentication and data access in the hands of employees themselves

The UK's National Health Service uses smart cards — both physical and virtual — built upon a PKI and certificate infrastructure. The virtual card is stored on an employee's mobile device, therefore reducing the likelihood of patient data leaking. It's a flexible solution that allows employees to access the data they need securely (and are authorized to view) and whenever they need it.

For large healthcare organizations, as well as enterprise businesses across sectors, we recommend using a tool that automates smart card provisioning and authentication. Ultimately, this will reduce manual error and give back the gift of time to your IT teams.

Empower your digital enterprise with PKI

From digital signatures to data encryption, user, device and client authentication, and smart card authentication, there are plenty of arguments for embracing PKI and enabling better, automated certificate management in your organization.

For enterprises with thousands of certificates to manage, or more, keeping on top of the PKI estate can be challenging, particularly if you rely on manual processes. One forgotten certificate that expires can shut down your web services or open your business up to a data breach or hack.

The solution, of course, is to let technology take the brunt of the work. With an enterprise-grade PKI management platform, your business can:

  • gain better visibility into your certificate ecosystem.
  • manage your certificates and stay in control.
  • automate as much of your PKI as possible.
  • enroll new users quicker, up 72% faster.
  • ensure the integrity of all your data and communications.
  • authenticate each user seamlessly.
  • reduce the likelihood of a data breach or fraud with end-to-end encryption.
  • seamlessly deploy your entire PKI operations across any environment: cloud, hosted, on premises, hybrid or in-country.

Sounds perfect, right?

If you'd like to find out more about a managed PKI platform and the benefits it could have for your enterprise, take a look at our informative modern PKI infographic.

Best Practices

Simplify Code Signing Around the Holidays and Always

5 Min

Featured Stories


What Is A CA’s Role In Delivering Digital Trust?


The Entrust distrust: Key takeaways for CAs and organizations


How to Secure Quantum Computing in the Cloud