Thales has just published its 2015 PKI (Public Key Infrastructure) Global Trends Study carried out by the Ponemon Institute.
Over 1500 IT and IT Security practitioners were surveyed across ten countries about their knowledge and use of PKI inside their organisations. The results of the study while generally positive suggest that PKI is still suffering from old problems of a lack of knowledge and clear ownership inside the IT department.
Among the key findings from the study are:
- The most significant challenge organizations face around PKI is the inability of their existing PKIs to support new applications (63 percent of respondents said this).
- Only 11 percent of respondents say there is accountability and responsibility for PKI and the applications that rely upon it.
- A large percentage of respondents said they had no revocation techniques.
- Cloud-based services are the most significant driver for PKI-based application adoption.
- The level of visibility, influence and/or control over the applications that consume certificates managed by their PKI is minimal.
- There is a significantly higher use of weaker security techniques like passwords (53 percent) than there is of strong authentication mechanisms such as Hardware Security Modules (HSMs) (28 percent).
- The top three places where HSMs are deployed to secure PKIs are issuing certificate authorities together with offline and online root certificate authorities.
The study can be downloaded from the Thales website (registration required) and runs to 32 pages including all the questions and responses from participants.
John Grimm, senior director, Thales e-Security, says: “An increasing number of enterprise applications are in need of certificate issuance services, and many older PKIs are not equipped to support them. As organizations undertake a PKI upgrade cycle to support new applications and capabilities, many will look to improve the trust of their PKI by using HSMs to protect private keys for offline root certificate authorities as well as online issuing certificate authorities.
“Thales has decades of experience providing HSM-based PKI solutions, and runs a dedicated PKI Consulting Service to help businesses design and deploy world-class self-managed PKIs that build trust at the infrastructure level.”
(Next: PKI protecting more applications but extending it is difficult)