Technology Record - Issue 30: Autumn 2023

VIEWPOINT

Elevating security with certificate lifecycle management

Robust CLM tools enable businesses to implement zero-trust frameworks and prepare for post-quantum challenges

SAMANTHA MABEY: ENTRUST

Certificates have been a fundamental component of digital security for decades. They provide the most resilient, scalable and secure means to deliver strong identity, encryption and access control. They secure critical systems and core business use cases, including secure sockets layer (SSL) and transport layer security (TLS) for public-facing websites, secure email, mobile device management, the internet of things and more. Given their significance and widespread use, it should come as no surprise that proper management of these certificates is critical for organisations.

The need for robust certificate lifecycle management (CLM) is not new. As organisations have grown and experienced certificate authority sprawl, or had concerns around legacy public key infrastructure (PKI), CLM has become a means to rein in and centralise certificates across environments. The significant growth in the number of machine identities is another factor, driven not only by the sheer quantity of machine identities requiring security and management, but also by the complexities they introduce – such as short-life certificates – that render manual processes unsustainable.

While these are compelling reasons to invest in a proper CLM tool, there’s an even more convincing reason to prioritise CLM in relation to overall IT strategy, such as implementing zero-trust security frameworks and preparing for post-quantum threats.

One of the key components of zero trust, and where CLM plays an important role within the overall strategy, is ensuring that businesses have strong issuance protection for their certificates. Essentially, this ensures that no rogue certificates are issued to grant excessive access or privilege.
This same rationale applies to the need for control at any stage in the certificate lifecycle, including revocation. CLM supports the three principles of a zero-trust strategy. It helps to verify that the correct certificate is provisioned to the appropriate target or endpoint; provides the right assurance and access through certificate and lifecycle controls; and possesses the ability
