Digitization Trends and the Need to Manage Uptime for Machine Identities

September, 02, 2020

Blogger Image

Vikas Kapoor

Practice Head - ServiceNow

Covid19 has brought forward several digitization trends and transformations that were already underway long before the pandemic started. Enterprises that were looking to spend on the initiatives pertaining to cybersecurity, cloud computing, or IoT in the coming years got an additional impetus with a dramatic jump in the number of customers looking for services online.

Increased online presence and the complexity associated with technologies powering the underpinnings of today’s world make it difficult for organizations to keep track of the essential tasks needed to maintain uptime of their services.

And, if that wasn’t enough, the fact that a majority of the companies still rely on manual processes reduces the ability of many in ensuring the uptime or solving incidents quickly and efficiently.

We may question, “How does it matter?” Well, for starters, unplanned downtime and disruption lead to an increase in the number of issues and outage management exercises. That, coupled with significant losses in revenue and the potential of losing customers to rival services, makes it imperative to gain complete visibility into service availability.

Digitization and ServiceNow

When we talk about uptime and digitization, we can’t help but think of ServiceNow. ServiceNow has become the ubiquitous standard and best of breed tool for today’s IT managers trying to stay in control of the infrastructure and prevent outages.

One of the key facets of infrastructure readiness is maintaining a centralized database of all the infrastructure components, also known as CMDB. IT teams use CMDB to store information on the configuration of items within the organization, including hardware, software, systems, facilities, and sometimes, personnel. It is the purview of the IT organization to define which items should be tracked and how to do so. This configuration data can include relationships and interdependencies between items, the history of changes to each item, and class and attributes—such as type, owner, and importance—for each item.

One such attribute is certificate information associated with the servers hosting the applications. Commonly called SSL/TLS certificates, they’re an essential component of a network’s Public Key Infrastructure (PKI). They act as the digital identity of a network endpoint and assure entities that communicate with the endpoint that it is legitimate. Certificates build a foundation of trust for a network and its components since they are digitally signed by the certificate authority.

Significance of TLS Certificates

TLS certificates are one of the key components in powering those online services and are not that well managed, even in this current environment. A good example is the Microsoft team’s outage or the Equifax breach that happened in the not so distant past.

Digital certificate outages, when an organization forgets to replace an expiring certificate for a business-critical domain name, continue to cause business disruption and security risks.

  • Failure to replace a digital certificate on a business-critical domain will lead to the loss of essential services for your customers and staff.
  • An outage can weaken your defenses to a cyber-attack and lead to the loss of your customers' personal data.

As Infosecurity Magazine points out, the CIOs are beginning to have their teams pay more attention to managing the TLS certs and thereby managing this important piece of their infrastructure puzzle.

With the Orlando release, ServiceNow has provided a structure for its customers to manage TLS certificates.

Certificate Inventory and Management solution on ServiceNow provides a platform-centric approach to the lifecycle management of TLS certificates. This solution, combined with task fulfillment, can provide a methodical approach to the request and renewal management of expired TLS certificates. Automating manual tasks, such as a request for new certificates and renewal of expired certificates, increases the productivity of the Public Key Infrastructure (PKI) team by ~30% and helps to digitize their manual workflows.

While this solution goes a long way in automating some of the manual tasks, IT teams still need to manage the nuances associated with the ever-changing best practices around digital certificates on their own.

One such example is the changes recommended by the Certificate Authority Browser Forum (CA/B Forum) from time to time that requires organizations to define their security and validation level, implement a digital certificate policy, and establish full accounting of the digital certificates.

Addressing Issues in Machine Identity Management

Venafi, as the industry’s leading authority in machine identity management, has been helping global customers by providing solutions to manage machine identity.

One such solution is the Venafi trust platform that removes blind spots from encrypted traffic in real-time. Our security platform safely delivers trusted keys to help you maximize SSL/TLS decryption, inspection, and threat protection.

Venafi secures and protects the cryptographic keys and digital certificates that all organizations rely on to keep communications between machines secure and private. Keys and certificates are designed to solve the original Internet security problem by accurately identifying servers and browsers so they can safely communicate back and forth independently.

Venafi, through its TPP platform, ensures that organizations don’t need to worry about the best practices and latest standards pertaining to TLS certificates and can manage the end-to-end lifecycle with ease. That includes the deployment of digital certificates on the infrastructure devices and complete accounting of the certificates.

A large number of Venafi customers also use ServiceNow to manage the infrastructure and need the ability to manage the lifecycle of the digital certificate from within the platform.

nCert: Seamless Digital Certificate Management

nCert, a ServiceNow application created in partnership between Nous Infosystems and Venafi, delivers a seamless experience for ServiceNow users through integrations with Venafi's TPP Platform. It provides users with easy access to machine identities, saving them the hassle of switching through multiple systems. The app enables enterprises that run complex infrastructures using ServiceNow's ITSM and ITOM capabilities to leverage Venafi's visibility and discovery features without leaving the ServiceNow interface.

nCert empowers users with new efficiencies in managing digital certificates. It ensures improved security by reducing loopholes caused by incomplete visibility into certificate usage. The app provides a single interface to view and manage certificates - reducing errors, increasing productivity, and mitigating business downtime due to the unnoticed expiration of certificates.

nCert is available for download on the ServiceNow Store. To learn more about the features and benefits of using nCert, click here.

Join the conversation

What are your thoughts on this blog? Drop us a line below. We’d love to hear from you.

© 2021 Nous Infosystems. All rights reserved.