Jeff Hudson joined Dave & Bill today and covered many key elements about Digital Certificate Management & Encryption Key Management. Venafi announces Director 6 on CHWradio.
Today, nearly every enterprise application, and IT system has been encryption key and certificate enabled while providing greater security capabilities than ever before. However, the complexity of utilizing this encryption capability has created a significant increase in security and operational risk; expired, lost, and stolen certificates and keys.
A frequent phrase mentioned often on The CyberHood Watch Radio (CHWR) is, “Communication & Awareness”, it fits well with the message of keeping kids, families, and businesses safe & secure in the digital age.
As early adopters, the CyberHood Watch (CHW) partners recognized an emerging problem involving nefarious activities involving cyber crime, child security, and misuse of personal information, such as identity theft. Moreover, all this came about because someone communicated with the CHW partners, Dave & Bill, and made them aware of an up-and-coming problem.
Venafi is one of those early adopters who recognized that the encryption eco-system that has developed over time has gotten too complex. Thousands and even hundreds of thousands of encryption keys and digital certificates are deployed across their global networks. Venafi identified a growing significant problem with the management of certificates and keys, and took the initiative to develop and provide an enterprise solution.
The problem is many of the world’s Fortune-ranked organizations, including smaller companies are losing management control over their encryption keys and digital certificates. Imagine every traffic signal in New York City represents a digital certificate, which allows you access through the intersection providing your automobile have a current digital key. Now, imagine not knowing the location, expiration date, or status of the digital certificates installed in traffic signals throughout New York City. Suddenly, the digital certificate expires and the traffic signal shuts down denying access through the intersections…Total Chaos, and you are responsible.
The reverse also holds true if your vehicle is lost or stolen, whoever is in the driver’s seat has access through the intersection, and after all, it has a valid encryption key. Poor management of your certificates and keys are a potential invite to unwanted entries to the network.
It is not rocket science and not unlike the Tsunami of information that overloaded the family dynamics and created a digital divide between parents and children, so too the Tsunami of digital certificates and encryption keys has caused a security gap in the management of thousands of lost, stolen, and expired certificates and keys throughout the global networks.
1. Stolen digital certificates played a key role in the Stuxnet attacks on the Iranian nuclear power plant and the federal government is now considering using digital certificates as part of its National Strategy for Trusted Identities in Cyberspace (NSTIC) (http://www.whitehouse.gov/blog/2011/01/07/national-program-office-enhancing-online-trust-and-privacy).
2. Digital certificate management and security is a huge problem with enterprises. In a recent interview about his Stuxnet presentation at Black Hat DC, Securion head researcher Tom Parker said: “It isn’t really that hard to do,” he says. The use of stolen digital signatures to sign the device drivers wasn’t such a big coup, he says. “These are semiconductor companies, not security companies,” he says. “It’s not so tough to target and steal their certificates.”
The number of certificates and keys are overwhelming, however; there is no need any longer to manually manage the process, doing so is an invitation for disaster. An automated system like Venafi Encryption Director 6™ (Director 6) “provides an out–of–the box automated management capabilities for the widest range of digital certificate and encryption key technologies used by today’s enterprises, including symmetric keys, SSH keys, asymmetric keys and digital certificates.”
A recent survey conducted by Venafi describes the “2011 ENTERPRISE ENCRYPTION KEY AND DIGITAL CERTIFICATE MANAGEMENT MARKET OUTLOOK”. There is no doubt that the survey uncovers a growing dilemma among enterprises managing digital certificates and encryption keys. The practicality of trying to manually mange these vast number of keys and certificates is a daunting task and unrealistic. Moreover, the inevitable impending disasters will occur if not addressed; Director 6 provides the solution.
Be sure to listen in to what Jeff Hudson had to say…The interview is available as a download to save, and listen to later at your convenience. The CyberHood Watch partners, Dave & Bill, invite world industry leaders who share his or her years of experience and wisdom in order for the rest of us to live safe and secure digital lives. Listen to the show and take away what is important to you…Thank you for listening.
If you have questions, be sure to leave a comment and we will provide an answer.
Your CyberHood Watch Partner,
david c ballard
Radio Security Journalist
- One Way to Protect Your Organization From Stuxnet-like Attacks (readwriteweb.com)
- Its 10pm, Do You Know Where Your Certificates Are? (ashimmy.com)
- HTTP vs. HTTPS: What Are the Real Differences? (brighthub.com)