PKI: Securing a variety of use cases in today’s digital organizations

April 5, 2021
Organizations moving to the cloud need to safeguard data from breaches by encrypting transport that maintains operational integrity

A security leader’s job has never been easy, but today’s CIOs and CSOs are up against unprecedented challenges and accelerated change. As digital transformation continues to reshape every organization, it’s up to security executives to ensure that their most critical assets and communications stay protected.

Network architectures and applications have evolved, and cloud services play an increasingly critical role for enterprises seeking to drive innovation, business agility and cost savings. According to a recent survey by TechRepublic Premium, 81 percent of respondents currently use or plan to use services from multiple cloud providers within the next 12 months.

The global pandemic has also transformed workspaces, as increasing numbers of professionals work from home or in remote locations. According to an April 2020 Gallup survey, 62% of U.S. workers were working from home due to the healthcare crisis.

The rapid emergence of the IoT is also having a major impact on industries of every size and type, from enterprise organizations to public sector and higher education. A recent study by Gartner predicted that there will be 25 billion connected devices by 2021.

Even as new advances shake up old rules and change expectations, security leaders must still focus on ensuring connected devices are secure and users and their organizations are safe. A modern public key infrastructure (PKI) platform needs to deliver the capabilities, flexibility and manageability required to achieve security across a wide variety of use cases.

A scalable, flexible approach to cloud security

Organizations moving to the cloud require strong authentication for their systems and the people that use them. They need to safeguard data from breaches by encrypting transport and maintain operational integrity—and scale their security as the organization evolves and changes.

For today’s increasingly diverse, multi-cloud environments, PKI solutions are an ideal method to secure digital trust. Standards-based, widely adopted and flexible, they can provide strong security across a wide variety of environments, including enterprise systems, cloud storage, clients like email and document signing applications, virtualization, DevOps and more. PKI also enables organizations to strengthen authentication for dynamic cloud environments utilizing digital certificates and can scale easily to accommodate additional users, devices and demands.

With the right management platform, organizations can apply a unified approach to authentication, encryption, secure email, digital signing and other PKI capabilities. A modern approach to PKI will provide the flexibility for deployment in the cloud, as well as on-premises and in-country, to meet specific requirements or application needs. A robust PKI management platform can also enable organizations to deploy extremely high volumes of certificates quickly, making the solution ideal for large, fast-growing enterprises. Organizations need PKI management platforms built with cloud-native and container-based technologies.

Securing a remote workforce

Remote users create unique challenges for organizations that must support a variety of different devices and users at myriad locations. For complex organizations, IT teams will be tasked with managing digital certificates remotely. A scalable, centralized and modern PKI platform will enable them to track the certificate lifecycle automatically, regardless of their location. It can also offer automation that lets security and IT teams provision certificates in advance, to onboard new users, without sacrificing business agility.

A modern PKI platform will also support compatibility with Mobile Device Management (MDM) platforms. These MDM solutions enable enterprises to remotely provision devise, manage applications, track inventory and enforce corporate security policies on mobile devices. If a remote client device is lost or stolen, they can enable IT, teams, to disable the device in the field or erase its contents altogether.

Keeping IoT systems secure

IoT environments operate on trust and they must rely on systems and data that are fundamentally secure. Maximizing information confidentiality and ensuring its integrity is key. Access to information should be available only for those authorized to use it. To maintain data integrity when it is being transmitted between IoT devices and sensors, it must be encrypted every step of the way. PKI can help ensure that the integrity is maintained, and that information is not modified when it is shared or stored.

Safeguarding IoT data also requires controlling availability and PKI can help organizations ensure that applications, systems and devices are accessible by users in the most appropriate roles. Likewise, PKI can be used to deploy unique digital certificates to each device to ensure mutual authentication as well as network authentication.

When it is deployed and managed together with the right platform and best practices, PKI is a solid foundation that lets organizations to set up and ensure trust and security across the IoT. PKI innovators are applying it across a variety of use cases and systems, including:

  • SCADA
  • Medical devices and equipment
  • Industrial and automated manufacturing equipment
  • Robotics
  • Home automation systems and smart speakers
  • Wi-Fi hotspots
  • Home security systems
  • Wearables and fitness devices

 Securing today’s digital world, and tomorrow’s

With its ability to deliver robust security together with flexibility and broad scalability PKI has established itself as the foundation of trust for today’s most demanding environments. It enjoys broad adoption, standards-based support, and is continuously being improved and enhanced by industry innovators. For security leaders that choose the right technology partner to support their deployment, the potential of modern PKI, built from the ground up, is limitless.  Look to the most trusted vendors to provide your organization with the modern platform you and your team deserve.

About the author:

Dean Coclin has more than 30 years of business development and product management experience in cybersecurity, software and telecommunications. As Senior Director of Business Development at DigiCert, he is responsible for driving the company’s strategic alliances with IoT partners in the consumer security market, and with other technology partners.  Coclin is also the previous chair of the CA/Browser forum.

Previously Coclin spent 7 years at Symantec in a similar role and was one of the founders of ChosenSecurity, an Internet security firm that was sold to PGP Corporation in February 2010. PGP was subsequently acquired by Symantec in June 2010. Prior to this, Coclin served as director of business development at GeoTrust which was sold to Verisign in 2006. Prior to joining GeoTrust, Coclin was vice president of product management at Betrusted, an e-security firm where he directed product management, product marketing and product technology. He has held positions at Baltimore Technologies, CyberTrust Solutions, and GTE Government Systems Corporation.

About the Author

Dean Coclin | Senior Director of Business Development at DigiCert

Dean Coclin has more than 30 years of business development and product management experience in cybersecurity, software and telecommunications. As Senior Director of Business Development at DigiCert, he is responsible for driving the company’s strategic alliances with IoT partners in the consumer security market, and with other technology partners.  Coclin is also the previous chair of the CA/Browser forum.

Previously Coclin spent 7 years at Symantec in a similar role and was one of the founders of ChosenSecurity, an Internet security firm which was sold to PGP Corporation in February 2010. PGP was subsequently acquired by Symantec in June 2010. Prior to this, Coclin served as director of business development at GeoTrust which was sold to Verisign in 2006. Prior to joining GeoTrust, Coclin was vice president of product management at Betrusted, an e-security firm where he directed product management, product marketing and product technology. He has held positions at Baltimore Technologies, CyberTrust Solutions, and GTE Government Systems Corporation.