Last year’s IoT Solutions World Congress was an opportunity for the industry to focus on the increasing influence of the Internet of Things in PKI planning. We attended the event with our technology partner Thales e-Security, which has just published a report with the Ponemon Institute looking at PKI trends across eleven countries.
It makes for interesting reading for numerous reasons. One point that is clear - the speed with which the IoT is driving the deployment of applications using PKI is causing some concern amongst and IT managers.
This might, in part, be to do with the fact that although companies are using PKI to support many different applications, there is a distinct lack of control when it comes to managing and taking ownership for them.
The number of survey respondents who expressed concern in this area had risen from 14% to 36% in the past two years, so clearly there is a need for enterprises to focus on improving best practices for designing, building and maintaining their public key infrastructure.
At Ascertia, we have witnessed significant growth in the use of PKI-based digital certificates, especially as they have become more widely accepted as a means of electronic identification and authentication. So, it is little surprise that over the next two years, the survey predicts that an average of 43% of IoT devices in use will rely primarily on digital certificates.
The statistics tell the story: automated methods of revocation are on the up, showing a 9% increase in the number of companies using them, whilst the use of manual certificate revocation has dropped by 13%.
Meanwhile, the certificate revocation technique most often deployed continues to be online certificate status protocol (OCSP), according to 54% of respondents. When asked about the management of private keys for root/policy/issuing CAs, just over a third (36%) of respondents said they were using hardware security modules.
Ascertia has seen an increasing demand for its ADSS OCSP Server product. Real-time validation and whitelisting are just two of the extensive features driving the growth in sales and enquiries.
What does this tell us?
PKI is gradually increasing in importance to the enterprise and within IT backbones as the number of IoT enabled applications grows. But given that there are considerable misgivings about whether companies have the levels of staffing and competency that PKI needs to be effective, decision makers do need to look at services that can be easily integrated and managed.
This is where modular solutions like ours come in, delivering only the required components or services that are aligned with leading industry standards and ensuring that today’s modern enterprise has the trust services it requires to be compliant and raise competitiveness.
Learn more about our PKI solutions here.