nCipher Security Blog

Under pressure: How PKIs are challenged by increasing cloud adoption

John Grimm | Vice President of Strategy and Business Development More About This Author >

pki-challenged-by-cloudGartner predicts that, as organizations everywhere undergo a form of digital transformation, with many looking to make savings on their IT budgets, the global public cloud services market will grow by more than 17 percent by the end of this year.

As a result of this increasing adoption, nearly two thirds of organizations around the world (62%) are now using public key infrastructure (PKI) credentials to support their public cloud-based applications and services – up 12 percent over last year, according to our recent 2016 PKI Global Trends Report, conducted by the Ponemon Institute. What’s more, a similar number of organizations (61%) see cloud-based services as being the most important driver behind the deployment of applications using PKI.

Worryingly though, more than half of the businesses interviewed for the report (58%) admitted that their existing PKI was unable to support new applications – regardless of type. And this is perhaps even more concerning when you consider that there is a clear trend toward expanded use of PKIs, with this year’s survey revealing that the average PKI now supports eight different applications.

With usage levels as high as our report suggests, it’s clear that a PKI should no longer be considered an “add-on” or auxiliary service – it is a core, often mission critical IT function. And it’s here that the challenge lies, because the next big rise in demand for certificate services is poised to hit – and that’s the Internet of Things.

What does this mean?  One thing it means is that those pesky PKI issues like lack of clear ownership, insufficient skills and resources, and the failure to be deployed using security best practices aren’t just going to fade into the night.   In a world where the theft and misappropriation of sensitive, private data by cyber-attacks or malicious insiders is making daily headlines, the role of the PKI in managing identification and authentication has never been more critical – not just right now, but as the cloud and the IoT continue to levy new requirements.

The time is now to develop a strategy to evolve and adapt current certificate issuance systems to operate at the speed, scale, and assurance level in accordance with the business needs of today and the rapidly-approaching future.