The momentum that digitization is experiencing is increasing the use of digital certificates and PKI in organizations. However, a study warns of a lack of responsibility, resources and skills for its deployment.
The growth of online transactions is accelerating the demand for digital certificates and the use of PKI (Public Key Infrastructure). However the Entrust 2021 Study of PKI and IoT Trends in Spain, the first edition of the study in our country, shows that the supply of skills related to the administration of these PKI is at low levels.
To this is added the complaint by professionals of the lack of skills and resources to manage these PKI, in addition to being unclear about the responsibilities they have in their administration.
Challenges and Drivers for Adopting PKI
According to this Entrust study, in this proliferation of PKI-making applications, IoT stands as the fastest growing trend at 51%, with cloud applications the second big driver, according to 41% of respondents. In third place, the study indicates mobile applications as the ones that are requiring their use the most, according to 34% of those surveyed.
Despite the fact that more and more applications demand PKI, the study also highlights that the lack of assignment of responsibility At the business level, it is the first obstacle that is preventing the development and correct management of PKI in Spain, according to 70% of those surveyed.
The second challenge for 67% is the lack of skill and, for 54% of those surveyed, the lack of resources to carry out their management.
But alongside these three big challenges in managing PKIs, companies must also address a number of challenges to use them in applications. Thus, 72% point out the PKI’s inability to enable new applications, although 52% point out that it needs too much change or uncertainty, while 42% indicate not having enough skills.
However, despite the fact that the demand for PKI has never been as high as it is now, only 36% of respondents have a PKI specialist on staff in their organization. This is confirmed by Rocío Martínez, Head of Entrust Digital Identity for Spain, for whom “There has never been such a high demand for PKI – either due to pressure this past year to keep secure employee networks operating remotely or hybrid, or due to the continued increase in IoT and hosted services. Cloud”.
On the other hand, the areas in which the greatest change and uncertainty are expected are PKI technologies (43%), followed by new applications, such as IoT (32%). The third and fourth most cited areas were external regulations and standards (28%) and internal security policies (20%).
When it comes to the use of PKI, TLS / SSL certificates for web pages and services to the public are the most cited by 77% of respondents. Private networks and VPN apps rank second (70%) and third email security (61%). This underscores the focus on ensuring that remote employees and the distributed IT workload can remain secure.
It should be noted that, as organizations need to manage more certificates, their correct management will be more critical. According to the study, 11% of respondents use a manual certificate revocation list, while 30% admit not having any techniques for certificate revocation.
This leads organizations to be more vulnerable to possible attacks and to face interruptions in their critical systems, in addition to the consequent business interruption and its associated costs. The solution is through “A strategy and, second, products that support this transformation. This means that they need a partner like Entrust that not only has the technological capabilities, but also the legacy and experience to help them succeed in this environment. “, concludes Rocío Martínez.
