25 years of PKI innovation – what’s changed and what’s next
I am now in my 25th year at Entrust. Some may conclude that I show a disappointing lack of ambition, but I prefer to think of it as admirable loyalty. In fact, I have been lucky to work for a company that has supported my development and always provided new challenges. Over those years I have been fortunate to work in a range of interesting roles and collaborate with some very smart people in our customer and partner organizations. The really rewarding part is always spending time with a customer and a whiteboard, working out the best solution for them.
Over the years many things have changed. Entrust has grown to respond to the changing digital landscape. The company now offers a wide range of as a service, managed, and on-premises solutions, cloud native PKI and signing services, as well as more custom solutions. We even manage Microsoft PKI in Azure, which demonstrates our focus on PKI solutions over technology. Our Cryptographic Center of Excellence initiative allows our customers to leverage Entrust PKI and cryptography experience to bolster their teams’ capabilities.
Entrust launched the first commercial PKI in 1994, not long before I joined the company. One of the things that I think sets us apart is that our experience over the next few decades has been real world/roll your sleeves up/integrated/multi-use-case PKI design, policy, deployment, and service delivered over a period of decades. We know what it means to manage a PKI over the long term, and we understand that the long term is the appropriate horizon when you consider the lifetimes of the cryptographic artifacts in play. We have helped customers through the process of replacing a 20-year Root CA, for example.
I see this as the real value of Entrust. The customer organizations that I have had the privilege to work with are among the most complex, and vital to financial, government, and other critical infrastructures that support our societies globally. They have teams of very smart people running their IT estates and they turn to Entrust when they have a question about PKI. They value our experience in the field because they know there is no substitute for it.
Our Cryptographic Center of Excellence is a vehicle through which we can deliver the benefits of this experience to our customers. For many customers, their PKIs have evolved from several tactical deployments targeting narrow use cases such as website security, to addressing new applications like IoT endpoint device authentication. Our Crypto CoE helps organizations take an enterprise approach to ensure that all deployments are visible and are managed at an appropriate assurance level required by today’s Zero Trust approaches.
As enterprises acknowledge the risk of poorly managed cryptography and the need for agility in updating cryptography to maintain adequate security, they are turning to Entrust to validate current deployments and make actionable recommendations on current risks and rising issues:
- Are you tracking the risk of quantum computing attacks on current algorithms?
- Do you have control over the trust anchors in your IT estate?
- Do you maintain policy and process documentation appropriate to the criticality of your PKI?
I have found it personally rewarding to work with customers over this quarter century as their use of our solutions and the demands placed on it have evolved. It certainly focuses the mind when recommending solutions if you expect to still be around if that customer needs help in five, 10, or 20 years. It provides an interesting perspective for me, and it is a testament to Entrust that we have kept our focus on PKI through that time since we launched the first commercial PKI product in 1994. That is a long time in our industry.
So, I would argue (in the form of a blog, for example) that Entrust is well-positioned to provide PKI advice. Better than most. Should you ask us to recommend a product for you? Maybe. If you have good PKI skills within your organization and know your CP from your CPS, then we would love to help you with some technology. For everyone else, we would rather spend some time with you to understand your use cases, assurance requirements, in-house skills and resources, and talk about how we can work with you to help you to solve your business issues. After all, a whiteboard is no fun if you always draw the same picture.
The post 25 years of PKI innovation – what’s changed and what’s next appeared first on Entrust Blog.
*** This is a Security Bloggers Network syndicated blog from Entrust Blog authored by Ian Wills. Read the original post at: https://www.entrust.com/blog/2022/02/25-years-of-pki-innovation-whats-changed-and-whats-next/