CERTIFICATE MANAGEMENT SURVEY GLOBAL RESULTS 2013
CONTENTS
METHODOLOGY
INTRODUCTION
SSL CERTIFICATE MANAGEMENT IS COMPLEX
STAKES HIGH WITH CERTIFICATE MANAGEMENT
COMPANIES IN DENIAL ABOUT EXPIRED CERTIFICATES
SYMANTEC RECOMMENDATIONS
METHODOLOGY

Symantec commissioned ReRez Research to carry out the 2013 Certificate Management Survey in December of 2012. They spoke with 100 enterprises in a total of seven countries, each with 500 or more employees, as well as 100 consumers who shop online at least once per month. The survey has a 95 percent reliability, with +/- 9.8 percent margin of error.

Countries surveyed (100 enterprises, 100 consumers):
North America: United States, Canada
EMEA: United Kingdom, Germany
APJ: Australia, Japan, Singapore
INTRODUCTION

The world today runs on information being transmitted from one place to another, and securing that information is vital for businesses. With ecommerce steadily increasing every year (totaling more than $200 billion over the last year in the United States alone, according to the U.S. Census Bureau), maintaining consumer confidence for online transactions is more important than ever. If an organization can't show potential customers that their money is safe, they may decide to go with a competitor, or shy away from online purchases completely.

One critical component of a secure online business is SSL certificates. Up-to-date trusted certificates can make a difference in consumer perception of online purchases. In order to discover how organizations are coping with the complexities of SSL certificate management, and evaluate their customers' attitudes, Symantec fielded the 2013 Certificate Management Survey.

[Infographic: SSL CERTIFICATE MANAGEMENT IS COMPLEX. Average company manages almost 2,000 SSL certificates. Most (82%) see rogue certificates. Most use multiple methods to track SSL. Yet, one third say their catalog is less than somewhat accurate.]
SSL CERTIFICATE MANAGEMENT IS COMPLEX

As ecommerce matures, the number of certificates to manage is growing, now numbering nearly 2,000. With so many to manage, it's little wonder that the majority of enterprises (82 percent) deal with at least some certificates that are generated beyond IT controls. These rogue certificates can lead to loss of data, dissatisfied customers, and strained IT resources.

How common are so-called rogue certificates in your organization?
15%  We don't have any rogue certificates
25%  This is extremely rare
24%  We have a few here and there
20%  We have a moderate number of rogue certificates
13%  We have a lot of rogue certificates
3%   We don't know
Keeping track of certificates is important, but most organizations are struggling to effectively deal with them. In fact, tracking them through a Word or Excel file is more popular than using software for management, which may require them to manually handle changes in certificate status. The result of this complexity is that one-third of businesses feel their catalogue is less than somewhat accurate. What are the ramifications of poor certificate management?

How do you keep track of these certificates so you know, for example, when they will expire, who owns the certificate, and so on?
2%   We don't use anything to manage SSL certificates
38%  We wrote our own application for this
43%  We use a public domain software solution
58%  We use a commercial software solution
61%  We have all our certificates logged in Word or Excel
STAKES HIGH WITH CERTIFICATE MANAGEMENT

There are a variety of consequences following SSL certificate mishaps, including IT management time spent remediating the situation, more calls to IT or customer support, downtime due to data breaches, and intellectual property theft. In fact, the average organization has lost $222,000 over the last year as a result of certificate issues. Aside from these direct costs, what effect can an expired certificate have on customer behavior?

What kinds of costs have you experienced as a result of certificate mishaps in the past year? (means shown)
6%   Loss of stock value due to negative press arising from certificate mishap
10%  Loss of brand or reputation
21%  Compliance-related costs, including fines
27%  Loss of revenue due to an expired or compromised certificate which scared customers away
33%  Theft of intellectual property
45%  Downtime due to a certificate-related security breach
47%  Higher call volume to customer or IT support
51%  IT management time spent remediating certificate mishaps

[Callout: Stakes high with SSL certificate management. Last year, due to certificate mishaps the typical $222,000]
COMPANIES IN DENIAL ABOUT EXPIRED CERTIFICATES

Unfortunately, there's a gap between what businesses think customers would do and what they actually would do when they see an expired certificate on a website as they make a purchase. More than half of the organizations we surveyed (57 percent) believe that in this case the customer will continue their transaction, or at least contact them for help. The sad truth, however, is that only 27 percent of customers said they would proceed; the remaining 73 percent said they would forget the transaction. This highlights the need for enterprises to more effectively manage their certificates, to avoid lost revenue. What can they do to reduce their certificate mishaps?

If a customer encounters an expired certificate while shopping, they will:
57%  Enterprises: customer will continue transaction or contact for help
27%  Consumers: continue or contact for help
RECOMMENDATIONS

1. Centralize SSL certificate inventory information
2. Leverage automation to simplify management
3. Deploy one easy-to-use, easy-to-maintain system for the entire organization
Copyright 2013 Symantec Corporation. All Rights Reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Norton are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. NO WARRANTY. Symantec makes this document available AS-IS, and makes no warranty as to its accuracy or use. The information contained in this document may include inaccuracies or typographical errors, and may not reflect the most current developments, and Symantec does not represent, warrant or guarantee that it is complete, accurate, or up-to-date, nor does Symantec offer any certification or guarantee with respect to any opinions expressed herein or any references provided. Changing circumstances may change the accuracy of the content herein. Opinions presented in this document reflect judgment at the time of publication and are subject to change. Any use of the information contained in this document is at the risk of the user. Symantec assumes no responsibility for errors, omissions, or damages resulting from the use of or reliance on the information herein. Symantec reserves the right to make changes at any time without prior notice. No part of this publication may be copied without the express written permission of Symantec Corporation, 350 Ellis Street, Mountain View, CA 94043.