Professional Documents
Culture Documents
White Paper
CONTENTS
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Costs of SSL certificate mishaps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Challenges in SSL certificate management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Needed: A comprehensive SSL certificate management system . . . . . . . . . . . . . 6
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Introduction
SSL certificates make it possible for users around the world to communicate
sensitive information with the confidence that it is safe from malicious hackers,
allowing anyone to confidently use the web for business and social interactions
including banking, shopping, social interactions, and product development.
Information explosion and the accelerating adoption of cloud computing is making
SSL certificates more important than ever. Users must feel confident that they are
at legitimate URLs before sharing valuable information or work on what might be
a spoofed site. Additionally, the popularity of social media and emphasis of online
collaboration in the modern enterprise makes SSL certificates essential in both
work and play. Online users are sharing increasingly large volumes of personal
and professional information, and need to know that their accounts will not
be compromised.
With the standardization to 2048-bit SSL certificates, website owners can be even
more confident about the protection of their online data communications. Yet even
enterprises using this higher level of security still face serious threats. One key
reason for this risk: poor SSL certificate management.
Additionally, the enterprise bears higher costs in the form of increased calls to the
IT help desk by employees, and increased calls to customer support lines when
customers get warning messages that certificates are out of date.
For enterprises that are required to comply with federal and state regulations
such as the Health Insurance Portability and Accountability Act (HIPAA) or Payment
Card Industry (PCI) Data Security Standard mandates expired SSL certificates can
be very serious. In healthcare, data breaches must be reported and each incident
can carry heavy fines mandated by law. And in credit card transactions, having
valid SSL certificates is required or heavy fines ensue.
Then, many companies have their own internal security best practices that
must be complied with. Non-compliance can end up costing organizations
almost three times as much as taking the necessary steps to comply with data
security standards.
2
3
Ibid.
Ibid.
All in all, the complexity of tracking certificates manually leads to many challenges
and costs. Loss of business continuity and reduction of IT efficiency were cited by
administrators as the top contributors to the costs of certificate mismanagement.
(see Figure 1).
The Complexity of Tracking Certificates Raises Challenges
Makes our business less agile
33 %
Increased costs
33 %
Compliance issues
33 %
50 %
50 %
0%
10 %
20 %
30 %
40 %
50 %
60 %
Ibid.
The complexity and variance of approach with regards to installing SSL certificates
could cause mistakes to happen. For example, some certificates may require an
intermediate certificate to be installed and others not. Installation and renewal
of certificates are not necessary a daily routine. Manual deployment of SSL
certificates would necessitate administrators to constantly refresh their memories
and track their work diligently to make sure the certificate renewal and installation
process is adhered to correctly.
Needed: A comprehensive SSL certificate management system
The solution: an SSL certificate management system that simplifies SSL certificate
discovery and monitoring and automates certificates renewal and transfer. An
effective SSL certificate management solution will enable organizations to know
what kinds of certificates they have, help them renew certificates in a timely
fashion or have automated transfer from one CA to another.
Characteristics of an effective SSL certificate management solution include:
Automates discovery and monitoring. No need to manually search for the
number or types of SSL certificates that exist in your environment.
Automates lifecycle management, including renewal and installation.
Installing intermediate certificates can be challenging for system administrators
unfamiliar with SSL certificates. An SSL certificate management system with
automated transfer and renew capabilities for intermediate certificates will help
avoid incorrect installation and ensure business continuity.
Provides strong reporting capabilities. Can report on all SSL certificates in
the inventory for accountability and compliance verification, and can provide
both detailed and executive-level reporting.
Works across SSL certificates from multiple CAs, including self-signed
certificates. No need for multiple CA management tools you should be able to
manage all certificates from a single console.
Works across distributed networks. A comprehensive solution works no
matter where the SSL certificates have been installed.
Notifies organizations when a certificate is about to expire. No more risk of
expired certificates alarming users or website visitors.
Rates security of SSL certificates. Makes sure you are adhering to industry
best practices and standards.
Provides easy access. You can manage certificates from desktops as well as
mobile devices.
Is easy to manage. The ideal SSL certificate management solution lives in
the cloud so organizations dont have to worry about managing the server
or software.
With a single, comprehensive method of managing SSL certificates, organizations
currently struggling to manage SSL can find relief and achieve enterprise-wide
visibility with a simple, straightforward solution.
Conclusion
A full 44 percent of organizations say that it is either somewhat or extremely
common for them to have wrongly installed or misconfigured SSL certificates
in their inventory. Forty-five percent experience security breaches due to SSL
certificate issues. Fifty-six percent struggle with not knowing when certificates are
about to expire (see Figure 2).
Common SSL Certificate Issues
44 %
45 %
47 %
56 %
0%
10 %
20 %
30 %
40 %
50 %
60 %
More information:
In United States or Canada
Visit our website
http://go.symantec.com/certificate-intelligence-center
To speak with a Product Specialist, please call or email:
1 (866) 893-6565 or 1 (650) 426-5112 SSL_EnterpriseSales_NA@symantec.com
In Europe, Middle East or Africa (EMEA)
Visit our website
http://www.symantec.co.uk/certificate-intelligence-center
To speak with a Product Specialist, please call or email:
United Kingdom and Ireland +0800 032 2101 Rest of EMEA +353 1 850- 2628 or +41 (0) 26 429 7929
United Kingdom sslsales-uk@symantec.com Rest of EMEA sslsales-ch@symantec.com
In Asia-Pacific
Visit our website
http://www.symantec.com/ap/certificate-intelligence-center
To speak with a Product Specialist, please call or email:
Australia +61 3 9674 5500 New Zealand +64 9912 7201 Hong Kong +852 30 114 683
Singapore +65 6622 Taiwan +886 2 2162 1992
Taiwan, Hong Kong, Singapore ssl_sales_asia@symantec.com Australia, New Zealand ssl_sales_au@symantec.com
To speak with additional Product Specialists outside the U.S.
For specific country offices and contact numbers, please visit our website
About Symantec
Symantec protects the worlds information, and is a global leader in security, backup and availability solutions. Our
innovative products and services protect people and information in any environment from the smallest mobile device,
to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and
interactions gives our customers confidence in a connected world. More information is available at www.symantec.com
or by connecting with Symantec at: go.symantec.com/socialmedia.
Symantec Corporation World Headquarters
350 Ellis Street
Mountain View, CA 94043 USA
1 (866) 893 6565
www.symantec.com
Copyright 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.
UID:197/08/14