Automation 02-28-2021

Why It’s Never Been a Better Time to Automate

Dr. Avesta Hojjati

The business case for implementing automation now is becoming more and more apparent. Companies that apply automation now will be the ones to get ahead tomorrow.

Here are six compelling reasons to start using automation tools now to manage your digital certificates.

1. Certificate lifetimes are shorter

Whereas before certificate automation was nice to have, with a reduction in certificate lifetime, automation is now necessary to keep up with certificate management. As of Sept. 1, 2020, certificate lifetimes were shortened to a one-year maximum. DigiCert supports a shorter certificate lifetime that allows faster updates to the certificate ecosystem, but we also recognize that this makes it increasingly difficult to manage your certificate inventory.

With shorter lifetimes, managing certificates with spreadsheets and notifications is no longer viable. Additionally, we expect there could be further reduction of lifetimes in the future, which will require additional automation to simplify certificate management.

2. Web threats continue to get more sophisticated

It’s difficult to stay up to date with the latest threats to your web security when they continue to evolve in sophistication. According to the Microsoft defense report, “Threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to spot and that threaten even the savviest targets.” Automated processes make it easier to stay ahead of threats and respond quickly in case of breaches.

Additionally, quantum computing will be here sooner than we expect, and if certificate inventories are not crypto-agile, then your network will be vulnerable to attacks. In 2020, leading companies made large advances in quantum computing. We anticipate accessible quantum computing services within the next five to 10 years, but it could be sooner. IBM announced in October 2020 that they will have a quantum processor available by the end of 2023. Additionally, you should not underestimate how long it will take to transition your cryptography from using certificates with classic algorithms to post-quantum algorithms. However, automation tools will make you more adaptable to protect against threats by enabling you to discover outdated certificates that support pre-quantum cryptography and replace them quickly.

Finally, the global transition to remote work over the last year has increased your threat vector and the need for network security. Attackers know this and will take advantage of any vulnerabilities they can find. There was a huge spike in attacks in March 2020, as organizations transitioned to virtual business operations. In addition to best practices to secure your remote workforce, automation can help simplify remote management tasks.

3. Automation increases efficiency

Improve business productivity and performance with automation tools that reduce human error, save time, save money and make certificate management easier to manage. One survey found that over 40% of workers surveyed spend a quarter of their work week on repetitive, manual tasks, and 60% estimate they could save at least six hours a week by implementing automation. You have other projects and priorities to focus on rather than attempting to manually manage your organization’s certificate inventory. What could your team accomplish with that time back?

Additionally, DigiCert’s automation tools enable faster decisions with real-time, actionable insights into your certificate inventory. This enables you to prevent revenue losses by giving you the control and insight into certificates to make better decisions faster and remain compliant.

Automation is becoming necessary to increase business efficiency, and we predict that eventually every company will need to implement certificate automation. However, don’t wait to use automation and miss out on increased efficiency now, and don’t let your competition beat you to it.

4. Certificate usage is increasing

About 80% of organizations estimate that their TLS usage will increase by a quarter in the next five years, which can only increase the consequences of outages. In fact, 85% of CIOs believe that the growing complexity of IT systems is going to make outages all the more damaging.

While a manual process may work for small organizations, it does not hold up at scale. The more certificates you use, the more you need automation.

5. Automation supports compliance and auditability

Automation makes it easy to keep up with industry changes and maintain visibility over your certificate network. Most teams don’t have the bandwidth to dedicate a team member to certificate management alone, yet it can be a full time job to manage certificates and keep up with industry changes. That’s why DigiCert CertCentral automation tools aid with compliance and allow for customized reporting.

Unfortunately, many organizations do not have proper certificate management, which puts them at risk. The NSA recently urged organizations to use current TLS/SSL protocols: "NSA recommends that only TLS 1.2 or TLS 1.3 be used, and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used." Outdated protocols leave you at risk for exposing data and vulnerable to man-in-the-middle attacks, which, according to the NSA, are easy for attackers to exploit.

In case of outages, you need to replace certificates swiftly — typically within five days, according to CA/B Forum Baseline Requirements 4.9.1, and can be as short as 24 hours for key compromise. But without automated renewal and revocation, replacing certificates in that timeframe will only cause headache.

Speaking of attacks, they also have costly consequences.

6. Certificate outages can have serious consequences

Certificate outages can cost over $500,000 per hour, and it can take hours or days to repair one expired certificate. In 2019, the average cost of a data breach was $3.9 million.

Besides revenue, certificate outages can also damage your brand reputation and relationship with end-users. Last year, one expired certificate on a popular music streaming service left users without access to their music for over an hour. As is typical in a crisis, thousands of complaints on Twitter and articles with headlines like “The Day the Music Died” plagued the organization for days after the outage. While the issue was resolved quickly, automated certificate renewal can be even quicker. Automation can help companies avoid expirations and costly downtime like this incident.

In summary, organizations can lose around $5,600 per minute from outages, in addition to damaged reputation. You can prevent that loss of revenue and reputation damage with certificate automation.


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


What Is A CA’s Role In Delivering Digital Trust?


The Entrust distrust: Key takeaways for CAs and organizations


How to Secure Quantum Computing in the Cloud