Best Practices 08-01-2014

85% of Organizations Still Manage SSL Encryption with Spreadsheets


According to a Forrester study, 84% of users don't believe organizations are doing enough to protect customer data online. According to the same study, 24% of users have actually stopped an online purchase because of security concerns.

Managing online security and the reputation for secure systems is a challenge all enterprises face today. In addition to managing security concerns it's critical that ongoing efforts are made to develop and ensure user trust in cloud services and enterprise systems.

78% of IT professionals surveyed confirmed that their organization has experienced significant downtime due to certificate expiration due to mismanaged SSL Certificate deployment. The lack of centralized, easy-to-manage certificate management systems that are affordable to most organizations only complicates correctly managing system security.

The Anti-Phishing Working Group (APWG) notes that in one particular case, over 14,000 phishing websites were found to have originated from just 61 servers.

“Instead of hacking sites one at a time, the phisher can infect dozens, hundreds, or even thousands of websites at a time, depending on the server." -APWG Global Antiphishing Survey

These type of attacks appear to be moving from scamming masses of end users to planned enterprise targeting. In the today's enterprise, one mismanaged server easily creates opportunities for hackers to take advantage of a large number of resources on a network.

SSL Encryption Is Proven

A recent survey of security professionals cited that 85% of administrators still manage SSL Certificates and private keys through Excel or using handwritten notes.

SSL encryption remains the backbone of security on the Internet and billions of transactions and secure sessions online each day depend on SSL security. Digital certificates remain a key component IT infrastructure data security and is a central part of any enterprise security policy.

Organizations today expect expansion of systems leading to a nearly 30% growth in the need for digital certificates. SSL is still the proven and de-facto standard to secure data exchanges on the Internet. However, the cost for enterprise certificate lifecycle management and managed PKI services have led organizations to turn to alternate—and often insecure—means to manage encryption security.

SSL Is the Backbone of Data Security

Not properly managing security encryption and certificate keys leaves network infrastructure exposed and opens the door to thieves wreaking havoc with users' personal information. Certificate management done right requires managed PKI systems with enterprise-grade features, yet an entry-level implementation cost.

The answer needs to ensure service availability, security, and performance by automated the process of discovery of certificates and making security detection and threat mitigation real-time and simply to manage.

SSL Certificate Management Done Right and Made Easy

Managing certificates doesn't have to be hard. Online certificate management systems make managing encryption and SSL Certificates across network operating systems and devices easier than ever.

The right managed PKI system should include:

  • Improved Process Control
  • Validation Pre-Approval
  • Streamlined Certificate Deployment
  • Centralized Account Administration
  • User Request Workflows
  • Easy Account Auditing
  • Flexible Certificate Payment

For over 20 years, PKI has been the solution of choice for encryption security. DigiCert Managed PKI solution helps government, education, and enterprises quickly setup certificate management systems to make encryption security simple and easy.

Certificate Inspector allows administrators to automate the discovery and deployment of certificate to eliminate downtime. Additional monitoring for security vulnerabilities improves data security and enhances customer trust.

The number of Internet-connected devices continues to grow and ensuring they are secure is key to stay one step ahead of threats. As we connect more devices and manage a growing number of systems, security and privacy are critical in order to trust that critical data is safe within these devices.

And as we look to technology in order to help manage our phones, tablets, electronics, cars, and even appliances in a growing Internet of Things, digital certificates can ensure that data on these devices remains secure. Managed PKI makes managing security simple and easy.


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


Pioneering the next wave of secure digital solutions 


4 best practices for bulk email senders



Driving digital trust with SOC 2-compliant DNS