Want to Step Up Cloud and IoT Adoption? Bolster PKI First
It's become abundantly clear by now that cloud-based systems are presenting a great value now to businesses of all sizes, and Internet of Things (IoT) systems are starting to gain ground in the field as well, offering a different but likewise substantial value. That's got plenty of companies looking more closely at bringing these tools into play, but a new report suggests that, before bringing in cloud and IoT systems, one thing needs to be done: enhancing public key infrastructure (PKI) systems.
The word came from Thales' “2016 PKI Global Trends Study,” which examined the opinions and stances of over 5,000 business and IT managers operating in 11 different countries worldwide, from Japan to India to Mexico. This particular study was especially noteworthy as it brought in the United Arab Emirates and Saudi Arabia, marking the first time the Middle East was represented in this study.
Increasingly, businesses are coming to understand the importance of connecting cloud-based operations to PKIs, with 62 percent of businesses calling cloud-based services “the most important trend” driving PKI deployment. That's up from half in 2015, though 28 percent figure that IoT applications will be the real big driver of PKI deployment. PKIs, in turn, are increasingly used to bring out applications, with the average number now being eight such deployments. That's up just one on average from 2015, but in the United States, that's up from five, showing that averages often mean substantial variance from one point to another.
Even as PKIs are more used, there are some difficulties associated with PKI. Fifty-eight percent of respondents noted that the biggest problem involved in PKI was getting current PKIs to support newly-released applications. Meanwhile, a substantial though undefined number of organizations currently are without techniques to revoke certificates, leaving a clear potential for unauthorized access down the line.
Thales' senior director for security strategy John Grimm commented, “An increasing number of today's enterprise applications are in need of digital certificate issuance services—and many PKIs are not equipped to support them. A PKI needs a strong root of trust to be fit for purpose if it is to support the growing dependency and business criticality of its services.”
Essentially, PKIs need some upgrades in order to be sufficiently protective. While cloud-based and IoT systems are a terrific option to provide value, without the necessary layer of security involved, these systems may end up as failure points for hackers to exploit. Augmenting security on cloud and IoT systems, therefore, is singularly important to allowing these to deliver value, and PKIs can represent a major feature in that security. However, it’s clear that PKIs need upgraded sufficiently to deliver that value.
In the end, it's all about security, and for PKIs to be the feature that cloud and IoT need, these tools will not only need to be ready for today's issues, but for tomorrow's potential attack methods as well.
Edited by Alicia Young