Organisations like Sony, Lockheed Martin, Nintendo, and Groupon share something unpleasant in common: recent security breaches. They are not alone. The list of companies suffering the public humiliation and expense that go hand-in-hand with lax IT security procedures goes on and on. I read last week that the global market for stolen identities is now worth a staggering $5 billion a year. Most of these companies had implemented encryption to protect their data, and yet their efforts were wasted because they had not followed best practices for managing their encryption assets and deployments.
Whether security breaches involve customers' personal and financial information (which are identity-theft manna), top-secret data that could affect national security, compromised servers, or company intellectual property, the bottom line is this: organisations need to exercise better due diligence when it comes to managing encryption keys and certificates.
Failure 1: Certificate Validity Periods That Exceed CA Validity Periods
This situation is common when organisations use internal Certificate Authorities (CAs) because the administrators managing the CA might not understand the proper relationship between a CA certificate and the certificates that it signs. When a CA certificate expires, other devices will no longer trust certificates signed by that CA certificate.
Those certificates might be valid in terms of time, but, without providing that vital trust, they will not function correctly. The discrepancy in validity period leads to a dangerous situation because, while administrators may regularly monitor the end-entity certificates under their care, they rarely know the corresponding root CA's validity period. Hence, its expiration almost always comes as a nasty surprise.
Recommendation: Establish clear policies for certificate validity periods, for both CA and end-entity certificates, and ensure that these policies are followed. The broadly accepted best practice is this: the validity periods for end-entity certificates should never exceed the validity periods for their corresponding root CAs.
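The check described above can be automated once the validity windows of a chain are known. The following is an added example, not code from the original article: it models a chain as a list of validity windows ordered from end-entity to root, reports any certificate whose window is not contained in its issuer's window, and computes the leaf's effective expiry (the earliest notAfter anywhere in the chain). The CA name, host name and dates are constructed for the demonstration; in practice the windows would be read from the certificates themselves.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


def utc(date_str):
    """Parse an ISO date (YYYY-MM-DD) as a UTC timestamp at midnight."""
    return datetime.fromisoformat(date_str).replace(tzinfo=timezone.utc)


@dataclass(frozen=True)
class CertWindow:
    """The only fields this check needs: subject name plus the validity window."""
    name: str
    not_before: datetime
    not_after: datetime


def cert_valid_at(cert, date_str):
    """True if the certificate, taken on its own, is within its validity period."""
    at = utc(date_str)
    return cert.not_before <= at <= cert.not_after


def chain_valid_at(chain, date_str):
    """True only if every certificate in the chain (leaf to root) is valid at that time.

    A leaf inside its own window still fails here once its issuer has expired,
    which is exactly the 'nasty surprise' the article describes.
    """
    return all(cert_valid_at(c, date_str) for c in chain)


def effective_expiry(chain):
    """The date the leaf actually stops working: the earliest notAfter in the chain."""
    return min(c.not_after for c in chain)


def chain_findings(chain):
    """Policy check: each certificate's window must sit inside its issuer's window.

    chain is ordered leaf -> intermediate(s) -> root. Returns human-readable findings;
    an empty list means the validity periods are properly nested.
    """
    findings = []
    for cert, issuer in zip(chain, chain[1:]):
        if cert.not_after > issuer.not_after:
            findings.append(
                f"{cert.name} expires {cert.not_after:%Y-%m-%d} but its issuer "
                f"{issuer.name} expires earlier, on {issuer.not_after:%Y-%m-%d}"
            )
        if cert.not_before < issuer.not_before:
            findings.append(
                f"{cert.name} becomes valid {cert.not_before:%Y-%m-%d}, before its "
                f"issuer {issuer.name} does ({issuer.not_before:%Y-%m-%d})"
            )
    return findings


# Constructed sample chain (hypothetical names and dates): an internal root CA with a
# five-year window, and a leaf issued near the end of that window with a two-year
# validity that outlives the root.
ROOT = CertWindow("Example Internal Root CA", utc("2020-01-01"), utc("2025-01-01"))
LEAF = CertWindow("intranet.example.internal", utc("2024-06-01"), utc("2026-06-01"))
CHAIN = [LEAF, ROOT]


if __name__ == "__main__":
    for finding in chain_findings(CHAIN):
        print("POLICY VIOLATION:", finding)
    print("leaf expires on paper:", LEAF.not_after.date())
    print("leaf actually stops working:", effective_expiry(CHAIN).date())
    for day in ("2024-12-01", "2025-06-01"):
        print(day, "leaf alone valid:", cert_valid_at(LEAF, day),
              "| whole chain valid:", chain_valid_at(CHAIN, day))
```

The useful number to put on a monitoring dashboard is `effective_expiry`, not the leaf's own notAfter: alerting on the earliest expiry in the chain is what turns the root CA's expiry from a surprise into a scheduled renewal.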
Failure 2: Wildcard Certificates
Wildcard certificates are convenient but can increase the risk of data and system breaches due to increased probability of private key compromise. Wildcard certificates enable you to use the same certificate and private key on multiple systems that have different host names. This means the private key is stored on...
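The risk the paragraph describes is easiest to see as a number: how many hosts stop being trustworthy if one private key is compromised. The following is an added example, not code from the original article. It takes a constructed inventory of hosts, the certificate name each presents and the fingerprint of the key behind it, checks that each name actually covers the host (wildcards only in the leftmost label, matching a single label, as browsers apply them), and groups hosts by key to show the blast radius of each private key. Host names and fingerprints are hypothetical.

```python
from collections import defaultdict


def name_covers_host(cert_name, host):
    """True if a certificate name (possibly '*.example.com') covers the host.

    Mirrors how clients match wildcards: only the entire leftmost label may be a
    wildcard, and it matches exactly one label (so '*.example.com' does not cover
    'example.com' or 'a.b.example.com').
    """
    cert_name, host = cert_name.lower(), host.lower()
    if not cert_name.startswith("*."):
        return cert_name == host
    suffix = cert_name[1:]                      # ".example.com"
    if not host.endswith(suffix):
        return False
    leftmost = host[: -len(suffix)]
    return leftmost != "" and "." not in leftmost


def key_blast_radius(inventory):
    """Map each private-key fingerprint to the sorted list of hosts that use it."""
    hosts_by_key = defaultdict(set)
    for host, _cert_name, key_fp in inventory:
        hosts_by_key[key_fp].add(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_key.items()}


def wildcard_key_fingerprints(inventory):
    """Fingerprints of keys that back a wildcard certificate anywhere in the inventory."""
    return sorted({fp for _h, cert_name, fp in inventory if cert_name.startswith("*.")})


def misconfigured_hosts(inventory):
    """Hosts presenting a certificate whose name does not cover them."""
    return sorted(h for h, cert_name, _fp in inventory if not name_covers_host(cert_name, h))


# Constructed sample inventory: (host, certificate name presented, key fingerprint).
# One wildcard key is deployed on three systems; one host has a per-host key;
# one host presents a certificate that does not even cover its own name.
INVENTORY = [
    ("www.example.com",     "*.example.com",     "SHA256:wildcard-key-0001"),
    ("mail.example.com",    "*.example.com",     "SHA256:wildcard-key-0001"),
    ("vpn.example.com",     "*.example.com",     "SHA256:wildcard-key-0001"),
    ("payments.example.com", "payments.example.com", "SHA256:payments-key-0002"),
    ("dev.lab.example.com", "*.example.com",     "SHA256:wildcard-key-0001"),
]


if __name__ == "__main__":
    radius = key_blast_radius(INVENTORY)
    for fp in wildcard_key_fingerprints(INVENTORY):
        print(f"{fp}: compromise exposes {len(radius[fp])} hosts -> {radius[fp]}")
    print("hosts whose certificate does not cover them:", misconfigured_hosts(INVENTORY))
```

Two things fall out of the inventory: the wildcard key's blast radius is every system it was copied to, and a wildcard does not even save the effort it promises for hosts one label deeper (`dev.lab.example.com`), which end up both sharing the key and failing name validation.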