Security News > 2024 > February > 3 ways to achieve crypto agility in a post-quantum world

In today's increasingly automated operational environment, crypto agility-i.e., an organization's ability to switch rapidly and seamlessly between certificate authorities, encryption standards and keys and certificates with minimal disruption to one's digital infrastructure-becomes essential to business.

In 2020, Apple reduced the lifespan certificates to a year, pushing others to match them, and in March 2023, Google announced a proposal to reduce TLS certificate validity to 90 days.

Keeping up with certificates is not really a choice left up to admins; failing to effectively manage certificate expirations and upscaling encryption not only leaves the enterprise vulnerable to breaches but also to downtime caused by an expired certificate.

CA-provided tools can reduce manual effort and improve efficiency by making it easier to discover and manage certificates issued by that specific CA. But these provider-specific tools leave out other public and private CAs and certificates deployed across multiple endpoints, such as servers, mobile devices and laptops that also must access the network.

These proprietary automation methods miss the last-mile certificate installation and end-point binding, and often can't manage certificates across clouds and containers, which creates gaps in automation and leaves the staff provisioning certificates manually.

Get proactive: The looming threat of quantum decryption threatens to upend popular algorithms such as RSA and ECC, and the sheer volume of certificates-and their shortened life spans-makes keeping up with certificate expirations a growing challenge.

News URL

https://www.helpnetsecurity.com/2024/02/06/crypto-agility-strategies/