GlobalSign’s 2021 PKI survey shows certificate automation still lags and deep confusion around electronic vs digital signatures
Boston, August 3, 2021 – A new study from GlobalSign, a global Certificate Authority (CA) and leading provider of digital signing, identity and security solutions for the IoT, reveals that managing digital certificates, especially expirations and renewals, continues to be a challenging process for businesses of all sizes. There is also a great deal of misunderstanding about digital signatures, how they are different from electronic signatures and the need for each type. The GlobalSign 2021 PKI study of over 300 IT professionals in the U.S. and the UK was conducted by Opinium in March 2021. *
As more companies look to automation and digital transformation during a time of heightened cybersecurity concerns, public key infrastructure (PKI) is a critical technology in the security ecosystem. It secures a wide variety of digital transactions, web domains, code and more. Most companies rely on digital certificates and digital signatures, but the methods being utilized to manage the technology still leave plenty of room for error and improvement. Taking the pulse of IT professionals on this subject was the crux of the GlobalSign 2021 PKI survey.
The GlobalSign survey found that among IT professionals in both the U.S. and the UK, three quarters felt they would be able to – or somewhat be able to – explain the difference between electronic and digital signatures, yet the detailed responses suggested a significant misunderstanding between the two types. For example, the survey suggested the biggest pain points for IT professionals in both the U.S. and UK when thinking about digital signing are managing expirations and certificate renewals (48%) yet when implemented correctly with automation, expired certificates should not impact signature validation.
Beyond digital signatures, top challenges respondents typically encounter when keeping track of certificates include managing multiple types of certificates (45%) and managing large quantities of them (41%). One of the most surprising findings: 36% of IT professionals are still relying on Excel spreadsheets to manage certificates, even though automation tools are widely available.
The issue of managing certificates – especially expirations – continues to be a significant problem across businesses. Such occurrences can create costly service disruptions. In April alone, there were instances of certificate expiration in the gaming industry, at a large VPN and also with a major credit card company.
Despite these occurrences, only 39% of survey respondents ranked certificate outages and business interruptions among their biggest concerns of “getting PKI wrong”. But based upon the frequency with which certificate outages occur, their concern should be much greater.
The GlobalSign 2021 PKI survey also uncovered further inconsistencies among respondents. While nearly 75% of IT professionals responded that they have the tools needed to stay on top of certificate expirations and renewals (now that the validity period for digital certificates has been reduced to 13 months), only 6% said they were happy with the way they currently manage certificates. The rest would make changes, such as spending less time managing them and making them:
- Easier to track (39%)
- Have automated certificate provisioning/enrollment (38%)
- Have centralized visibility and control (36%) **
“IT has so many responsibilities now, which means there is no time for in-house certificate management. The obvious answer is to unload this complex process to an experienced provider,” said Lila Kee, General Manager, Americas, GlobalSign. “The survey findings underscore that automation is a critical tool that enables IT professionals to better manage certificates. The advantages are extremely beneficial to the business enterprise. Not only does automation greatly reduce or eliminate certificate expiration, it alleviates compliance concerns and it frees up IT resources.”
Kee added: “As to the findings regarding digital signatures, they exposed how much education is still required so that IT professionals truly understand how PKI works and its many benefits.”
To view the complete results of GlobalSign’s 2021 PKI survey, download our eBook.
GlobalSign will host a webcast to review the survey findings on Wednesday, September 8 at 11:00 am ET on the BrightTALK network. Register today!
About GMO GlobalSign
As one of the world’s most deeply-rooted certificate authorities, GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers, and IoT innovators worldwide to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale PKI and identity solutions support the billions of services, devices, people, and things comprising the IoT. A subsidiary of Japan-based GMO GlobalSign Holdings K.K and GMO Internet Group, GMO GlobalSign has offices in the Americas, Europe and Asia. For more information, visit https://www.globalsign.com.
Media Relations Contact
Amy Krigman
Director of Public Relations - West
Phone: 603-570-7060
Email: amy.krigman@globalsign.com
Sources
* Research was conducted by Opinium from 23 to 31 March 2021, amongst 157 US IT professionals and 153 UK IT professionals (all manager level or above who either make or help reach final decisions around IT-related purchases).
** Respondents answered a multiple-choice question (of up to three options), therefore, they chose multiple answers that added up to more than 100.