Cloud and IoT adoption requires organizations to future-proof PKI implementations

New research by the Ponemon Institute shows an increased reliance on PKIs in today’s enterprise environment, driven by the growing use of cloud-based services and applications and the Internet of Things.

The main challenges deploying and managing

More than 5000 business and IT managers were surveyed in 11 countries: US, UK, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India, and for the first time this year the Middle East (Saudi Arabia and United Arab Emirates), with the aim of better understanding the use of PKI within organizations.

“As organizations digitally transform their business, they are increasingly relying on cloud-based services and applications, as well as experiencing an explosion in IoT connected devices. This rapidly escalating burden of data sharing and device authentication is set to apply an unprecedented level of pressure onto existing PKIs, which now are considered part of the core IT backbone, resulting in a huge challenge for security professionals to create trusted environments,” said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute.

Key findings

• 62% of businesses regard cloud-based services as the most important trend driving the deployment of applications using PKI (50% in 2015) and over a quarter (28%) say IoT will drive this deployment
• PKIs are increasingly used to support more and more applications. On average they support eight different applications within a business – up one from 2015, but in the United States this number went up by three applications
• The most significant challenge organizations face around PKI is the inability of their existing PKIs to support new applications (58% of respondents said this)
• Worryingly, a large percentage of respondents continue to report that they have no certificate revocation techniques
• The use of high assurance mechanisms such as hardware security modules (HSMs) to secure PKI has increased
• The top places where HSMs are deployed to secure PKIs are for the most critical root and issuing certificate authority (CA) private keys (CAs) together with offline and online root certificate authorities.

The most important trends driving the deployment of applications using of PKI

Future-proof PKI implementations

“An increasing number of today’s enterprise applications are in need of digital certificate issuance services — and many PKIs are not equipped to support them. A PKI needs a strong root of trust to be fit for purpose if it is to support the growing dependency and business criticality of its services. By securing the process of issuing certificates and managing signing keys in an HSM, organizations can greatly reduce the risk of their loss or theft, thereby creating a high assurance foundation for digital security,” said John Grimm, senior director security strategy, Thales e-Security.