Nearly two-thirds of businesses (62 percent) regard cloud-based services as the most important trend driving the deployment of applications using PKI (50 percent in 2015) and 28 percent say IoT will drive this deployment.
A new report from Thales e-Security and Ponemon Institute reveals an increased reliance on public key infrastructures (PKIs) in today's enterprise environment. Over 5000 businesses and IT managers were surveyed from the UK, US, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, India and the Middle East (Saudi Arabia and United Arab Emirates).
PKIs are supporting more and more applications. On average, they support eight different applications within a business, up one from 2015.
The most significant challenge that organisations face around PKI – according to 58 percent of respondents – is the inability of their existing PKIs to support new applications. Furthermore, a large percentage of respondents continue to report that they have no certificate revocation techniques.
The use of high assurance mechanisms such as hardware security modules (HSMs) to secure PKI has increased.
The top places where HSMs are deployed to secure PKIs are for the most critical root and issuing certificate authority (CA) private keys together with offline and online root certificate authorities.
“As organisations digitally transform their business, they are increasingly relying on cloud-based services and applications, as well as experiencing an explosion in IoT connected devices,” said Dr Larry Ponemon, chairman and founder of the Ponemon Institute.
“This rapidly escalating burden of data sharing and device authentication is set to apply an unprecedented level of pressure onto existing PKIs, which now are considered part of the core IT backbone, resulting in a huge challenge for security professionals to create trusted environments. In short, as organisations continue to move to the cloud it is hugely important that PKIs are future proofed – sooner rather than later,” he said.
“By securing the process of issuing certificates and managing signing keys in an HSM, organisations can greatly reduce the risk of their loss or theft, thereby creating a high assurance foundation for digital security,” said John Grimm, senior director security strategy at Thales e-Security.