Five common PKI deployment mistakes

By Prateek Panda

The creation of trusted ecosystems has never been more important. The massive growth in mobile applications and IoT devices means that many organizations now operate networks with potentially millions of points of communication, either for sending data such as updates or receiving data in the form of usage metrics or personal account information. 

While the uptake in new technologies has seen tremendous innovation and enabled extraordinary growth for companies that have harnessed new technologies and data sources, there are also considerable risks. This huge and widely diversified network of data receptors and sensors creates a minefield for potential data theft and malicious interference by hackers. 

One of the most powerful tools to counter the multitude of threats that face IoT device networks is the implementation of Public Key Infrastructure (PKI). PKI provides a well-defined, secure system for authenticating and encrypting critical information. When used properly, a PKI deployment can create a secure, trusted ecosystem that facilitates secure data exchange and extends the life of an IoT device. However, too many organizations often fall prey to common PKI deployment mistakes, making their PKI infrastructure more difficult to manage and less secure than they realize. 

In a recent Ponemon study, 73% of the participating security professionals said mismanaged digital certificates caused unplanned downtime and outages. Here we’ll take a look at some of the most common problems with PKI. 

Top five PKI deployment mistakes

  • Lack of planning and tracking

The first step toward avoiding problems with PKI is a structured, well-considered implementation plan from the start. Taking a mix-and-match approach to a PKI system will not only leave vulnerable “creases” and PKI security risks but also increase costs, because teams end up doing reactive security firefighting rather than proactive scaling and implementation. 

Once a system has been in place for a while, if it hasn’t been built in a structured and easily traceable manner, an organization can lose track of which certificates it has issued. This is one of the most common PKI deployment mistakes. These significant problems with PKI are highlighted in the same Ponemon study, which found that 74% of organizations do not know exactly how many keys and certificates they have, where to find them, or when they expire. The consequences of such mismanagement range from failed audits to certificate and key misuse that can ultimately compromise an organization’s systems. These are exactly the type of problems with PKI that allowed attackers to push a malicious version of ASUS Live Update, signed with ASUS security certificates, to install backdoors on over a million PCs.

  • Root certificate authority security

In PKI deployments, all trust stems from the certificate authority (CA). It issues the root certificate that underpins the validity of the security keys used to verify and authenticate identities. Outlining and following specific security guidelines—such as who can obtain a certificate and when a certificate is revoked—is crucial for establishing and maintaining trust in CAs and avoiding PKI security issues during deployment.

Unfortunately, another of the problems with PKI deployment is that most organizations do not conduct sufficient or regular audits of relevant certificate authorities to ensure that they are actually implementing the Certification Practice Statement (CPS) they have committed to. If they are not doing so, the entire network could be at risk. This is what happened with the major hack of the DigiNotar certificate authority. The hack led to false certificates being issued for the websites of AOL, Microsoft, the CIA, and others, all of which had to be later tracked down and revoked.

  • Not allocating sufficient internal resources

Running an in-house PKI takes a lot of time, effort, and money. Probably the most prevalent problem with PKI is underestimating the resources needed. It requires specialized skills and a dedicated team so that your PKI security issues do not get sidelined by other pressing IT and security initiatives. 

A lack of clear ownership and sufficient resources can lead to PKI risks and vulnerabilities through unpatched software, non-updated revocation lists, lack of policy enforcement, and the inability to respond effectively to an outage, security incident or other problems with PKI management.

  • Not considering the entire lifecycle

The rollout of your PKI is just the beginning. A frequent problem with PKI deployments is a lack of forward planning for the entire certificate lifecycle. Certificates expire, or may need to be revoked. Poor handling of certificate expiration can cause widespread outages and significant expense. You also need to include mechanisms for key archival and retrieval. 
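Both the tracking problem above (not knowing which certificates you hold or when they expire) and the lifecycle point here come down to a continuous inventory. The following is an added example, not code from this post or from Intertrust: a small Go program using only the standard library that parses a PEM bundle, classifies each certificate as expired, expiring within a warning window, or OK, and mints constructed self-signed test certificates so it runs offline. The function names, the 30-day warning window and the device common names are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"math/big"
	"time"
)

// Classify returns "EXPIRED", "EXPIRING" or "OK" for cert as seen at time now, warning when fewer than warnDays remain.
func Classify(cert *x509.Certificate, now time.Time, warnDays int) string {
	switch {
	case now.After(cert.NotAfter):
		return "EXPIRED"
	case cert.NotAfter.Sub(now) < time.Duration(warnDays)*24*time.Hour:
		return "EXPIRING"
	}
	return "OK"
}

// InventoryPEM walks every CERTIFICATE block in a PEM bundle (the shape of a
// trust store or a deployed chain file) and maps each subject CN to its status.
func InventoryPEM(bundle []byte, now time.Time, warnDays int) (map[string]string, error) {
	out := map[string]string{}
	for block, rest := pem.Decode(bundle); block != nil; block, rest = pem.Decode(rest) {
		if block.Type != "CERTIFICATE" {
			continue // skip keys, CRLs and other PEM objects in the same file
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, err // a corrupt entry is itself an inventory finding
		}
		out[cert.Subject.CommonName] = Classify(cert, now, warnDays)
	}
	return out, nil
}

// SelfSignedPEM mints a constructed test certificate (not real data) with the given validity window.
func SelfSignedPEM(cn string, notBefore, notAfter time.Time) []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: notBefore, NotAfter: notAfter}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}
```

Pointing InventoryPEM at the bundles actually deployed on devices and servers, on a schedule, is the difference between a planned renewal and an unplanned outage.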

  • Not adequately protecting keys

Another of the major problems with PKI deployment, especially for devices and software applications, is how the security keys used in the PKI are stored, since this presents a major attack vector for hackers. Even if the CA you use takes all the necessary precautions against theft of, and intrusion into, the HSMs that store its keys, you still must protect your own systems from insider threats: run regular employee security checks and require multi-custody protocols to complete sensitive operations.

Moreover, hackers can use a variety of techniques to analyze and detect keys while they are in use or in transit. Once in control of these keys, they can decrypt private data or pose as authenticated users to access systems. This PKI security issue is especially pronounced when it comes to provisioning older devices that are already in the field and that lack a secure update mechanism. Additional software-based cryptography should be used to make sure keys never appear in the clear.

How to tackle your PKI problems

Keeping an organization’s ecosystem secure is essential for consumer trust, regulatory compliance, and corporate risk reduction. A PKI can offer excellent value for money in terms of outlay versus protection and can be one of the most strategic weapons in a company’s arsenal against malicious actors seeking to steal information or compromise IoT devices. However, PKI deployment mistakes mean that many organizations end up spending more on a system that fails to adequately secure their ecosystem. 

That’s why many organizations turn to managed PKI services, such as Intertrust PKI, whose specialized expertise allows them to create safe and flexible ecosystems for device provisioning to ensure that every step of the journey from factory floor to the end of life is protected by secure cryptographic protocols. Not only does a managed PKI service remove the need for keeping specialist skills in-house, but it’s also easily scalable to grow as your company does and is constantly monitored and updated through a trusted CA to avoid common problems with PKI.

Download our white paper to find out more about Intertrust PKI and how you can use it to create secure IoT device ecosystems.

About Prateek Panda

Prateek Panda is Director of Marketing at Intertrust Technologies and leads global marketing for Intertrust’s device identity solutions. His expertise in product marketing and product management stems from his experience as the founder of a cybersecurity company with products in the mobile application security space.
