PKI protecting more applications but extending it is difficult
Among the questions asked in the study was: “How many distinct applications does your PKI manage certifications on behalf of?”
The most common response at 29% was 7 or 8 but 3%or respondents say that they are protecting more than 20 applications. This is a significant boost over the last few years and shows that some companies are beginning to deploy complex and well managed PKI infrastructures.
Part of the problem for many of the respondents is being able to add new applications into their PKI infrastructure. While 7-8 applications might sound a lot it isn’t. Most medium to large enterprises will have well over a dozen applications that should be protected. The challenge for many of the respondents was getting new applications protected.
Among the applications that are using PKI, seven were identified as being the most common. These are:
- 78% SSL certificates for public facing websites and services
- 69% Private networks and VPN
- 54% Enterprise user authentication
- 51% Device authentication
- 50% Cloud-based applications and services (public cloud)
- 50% Email security
- 49% Mobile authentication
None of these figures are high enough to get overly excited about. 78% of websites using SSL should reasonably be in excess of 90% today. The figure of 54% of enterprise user authentication should be closer to 100% in any security minded organisation. The only slight positive is that 50% of public cloud-based applications and services are protected. Although there is significant room for improvement there, it does show that companies are beginning to take cloud security seriously.
It is interesting to compare these existing applications with the trends that are driving the deployment of applications using PKI. Of these cloud-based services at 64% came top with second place consumer mobile at 50% and consumer-orientated mobile applications in an even more distance third at 26%. Given these numbers, it will be interesting next year to see if the 50% of cloud-based applications and services in the public cloud that are currently using PKI has managed to jump to at least 75%.
63% of the respondents said that their existing PKI is incapable of supporting new applications. This is a major worry. It could be that their existing licensing or configuration is the problem, both of which are solvable. Alternatively it could be that they are using older products and therefore need to urgently update their existing tools which is a non-trivial task. With the demand for greater security constantly on the agenda both for IT managers and also the C-Level suite, this needs to be addressed urgently.
(next: Basic security protection still needs to improve)
