The IT Nerd

While CIOs drive innovation, CISOs ensure information assets and technologies are adequately protected while reducing risk. As the strategy around identity and access management (IAM) has changed and machine identity management becomes crucial, these two roles need to work together to build a comprehensive strategy.

Digital identity security vendor Keyfactor and Pulse Research surveyed North American and EMEA CIOs and CISOs to understand their priorities around IAM. The report is available here. But here’s some highlights:

Keyfactor, the pioneer of PKI as-a-Service (PKIaaS), and leader in machine identity management, today introduced Keyfactor Certificate Lifecycle Automation as-a-Service (CLAaaS)[AT1] , a new cloud-native solution to support certificate management in complex hybrid and multi-cloud environments with strict regulatory and policy requirements.

Recent research found that IT and security pros identified scalability and performance (53%) and support for multiple CAs (45%) as critical capabilities for PKI and certificate management. Keyfactor addresses these priorities with multiple flexible and scalable deployment options, including on-premises software, SaaS, and fully managed PKIaaS.

Keyfactor CLA as a Service enables:

• Turnkey deployment: leverages SaaS-based deployment to reduce the effort and expense of running software and server infrastructure on-premises.
• On-premises PKI: adheres to strict security requirements, allowing customers to keep private PKI on-premises by leveraging certificate automation via the Keyfactor Cloud.
• Full automation: delivers full certificate discovery, management, and lifecycle automation.
• Minimal friction: simplifies setup through a single secure outbound connection via port 443 back to the Keyfactor Cloud.
• Hybrid and scalable PKI: offers the ability to migrate to Keyfactor PKIaaS or run in tandem with other public CAs and on-premises private PKIs.

The Remote CA Gateway is part of the latest major product release, Keyfactor 9. To learn more about the solution or request a demo, visit: https://www.keyfactor.com/demo-request/.

Keyfactor is the leader in cloud-first PKI-as-a-Service (PKIaaS) and crypto-agility solutions. Its Crypto-Agility Platform™ empowers security teams to seamlessly secure and orchestrate every machine identity across their entire enterprise. The company helps its customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains.

With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe. Built on a foundation of trust and security, Keyfactor is a proud equal opportunity employer, supporter and advocate of growing a trusted, secure, diverse, and inclusive workplace. For more information, visit www.keyfactor.com or follow Keyfactor on LinkedIn, Twitter, and Facebook.

According to research from digital identity security vendor Keyfactor and Pulse Research, which surveyed North American IT and security leaders in the financial sector, 94% of respondents failed one or more internal audits related to PKI (public key infrastructure) and digital certificate management in the last two years, where nearly half (49%) experienced three or four failures.

IT leaders and teams in financial services are responsible for ensuring the security of payment-related data and financial records. These important tasks are coming under increased focus after high profile data breaches in the financial services realm. The survey explores trends in identity and access management (IAM) and where machine identities fit into their overall IAM strategy.

The study is available here but here are some key highlights:

Keyfactor, the pioneer of PKI as-a-Service, and leader in machine identity management, today announced the appointment of Martin Musierowicz as chief revenue officer. Musierowicz will be responsible for leading the strategic design and execution of Keyfactor’s global go-to-market operatives, including direct sales, marketing and channel.

With over 20 years of experience in enterprise software, Musierowicz brings an extensive track record of growing sales and partner channels that builds upon Keyfactor’s  164% year-over-year revenue growth. Most recently, Musierowicz spent seven years as head of global channels at Atlassian, where he took the company’s partner reseller program from its infancy to over $1B in bookings. Musierowicz’s responsibilities included scaling and establishing Atlassian operations and growing its EMEA presence in Amsterdam and London, as well as across APAC in Tokyo and Seoul. Prior to Atlassian, Musierowicz held executive sales and operation roles at Alfresco where he led global growth from $0 (pre-product) to just over $100M in annual recurring revenue.

The rise of securing machine identities – cryptographic keys, digital certificates and secrets – and outage mitigation has become a mission-critical priority for Identity and Access Management (IAM) leaders. Recent research from the Ponemon Institute found that 88% of responding companies continue to experience unplanned outages due to expired certificates.

Musierowicz’s appointment follows Keyfactor’s year of unprecedented revenue growth which includes ranking on Deloitte’s 2020 Technology Fast 500 List and recognition as the Fastest Growing Certificate Automation Provider on the 2020 Inc. 5000. Additionally, Keyfactor is a sample vendor in Gartner’s Technology Insight for X.509 Certificate Management, 2020 and leads G2’s certificate lifecycle managementcategory with the most satisfied peer reviews.

To learn more about how Keyfactor is helping enterprises secure their machine identities and move their Public Key Infrastructure (PKI) to the cloud, visit: www.keyfactor.com/.

Today, cybersecurity company Keyfactor announced a partnership with Google Cloud Certificate Authority Service (CAS). The integration combines Keyfactor’s certificate lifecycle automation with Google’s cloud-native private CAS to meet the needs of security, infrastructure and application teams in the cloud.

Keyfactor + Google CA Service

Google Cloud Platform’s CAS allows teams to simplify the deployment and management of private CAs for their cloud-native workloads and applications. Now, Keyfactor customers can plug directly into Google CAS to seamlessly integrate cloud-based private CAs into their overall enterprise PKI (public key infrastructure) strategy.

Using the flexible AnyCA Gateway, Keyfactor synchronizes in real-time via the Google Certificate Authority Service API to continuously inventory every certificate issued. With a complete inventory, PKI teams will now have a centralized view into the health and status of all certificates, backed by powerful protocol-based and out-of-the-box automation.

Integration features/benefits:
 

• Multi-CA, multi-cloud: Keyfactor provides a comprehensive view of all machine identities in a single console via public and private CA integrations, network-based discovery, and authenticated discovery of key and certificate stores.
• Self-service: Application owners can quickly request and provision certificates automatically via a user-friendly self-service interface or RESTful APIs.
• Auto-enrollment: Google-issued certificates can be auto-enrolled via protocol-based automation, such as SCEP or ACME, using proxies built into the Keyfactor platform.
• Automated provisioning: Keyfactor Orchestrators automatically renew and provision certificates to multiple servers, devices and network endpoints.
• DevOps & IoT integrations: Native integrations and plugins make it easy for teams to automate certificate deployment to popular tools such as HashiCorp Vault, Jenkins, Kubernetes, Istio service mesh, and more.
• Flexible deployment: Customers can deploy certificate lifecycle automation (CLA) within their datacenter, in Google Cloud Platform, or as a service (CLAaaS).

To read more about the integration, visit: https://www.keyfactor.com/blog/keyfactor-and-google-cloud-certificate-authority-service/

For Google’s official announcement, visit: https://cloud.google.com/blog/products/identity-security/google-cloud-certificate-authority-service-is-now-ga

Keyfactor and PrimeKey today announced they have completed their previously reported merger under the Keyfactor brand.

Keyfactor, the pioneer of PKI as-a-Service, and leader in machine identity management, provides certificate lifecycle automation and crypto-agility solutions. PrimeKey’s EJBCA software offers the most flexible private PKI (public key infrastructure) and certificate authority (CA) supporting DevOps, IoT, manufacturing and enterprise use cases. Combined, both solutions created the industry’s first end-to-end machine identity management platform – with flexible and highly scalable certificate issuance and automated deployment of machine identities across complex enterprise and emerging IoT and OT use cases.

In 2020, Keyfactor and PrimeKey announced a technology integration partnership. The integration combined Keyfactor’s Certificate Automation with PrimeKey’s EJBCA Enterprise product, offering Keyfactor and PrimeKey customers end-to-end visibility and automation to all private and publicly issued certificates via a single platform.

Keyfactor is the leader in cloud-first PKI-as-a-Service and crypto-agility solutions. Its Crypto-Agility Platform empowers security teams to seamlessly orchestrate every key and certificate across their entire enterprise. The company helps its customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains.

With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe. PrimeKey is one of the world’s leading PKI and signing solutions providers and has developed several innovative products, including EJBCA Enterprise, SignServer Enterprise, PKI Appliance, PrimeKey SEE and Identity Authority Manager. As a pioneer in open-source security software, PrimeKey provides global businesses and organizations the ability to implement vital security solutions, such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation. PrimeKey products are Common Criteria and FIPS-certified, the company’s internal processes are ISO 9001, 14001 and 27001 certified and it has numerous Webtrust/ETSI and eIDAS-audited customers.

Keyfactor^® and PrimeKey^® today announced their intent to merge under the Keyfactor brand while committing to increased investments across all product lines.

Keyfactor is the pioneer of PKI as-a-Service, and the recognized leader in certificate lifecycle automation and crypto-agility solutions. PrimeKey’s EJBCA^® software offers the most powerful and flexible certificate authority (CA) supporting DevOps, IoT, manufacturing and enterprise use cases.

The merger forms an industry-first machine identity management platform, combining Keyfactor’s certificate lifecycle automation with PrimeKey’s EJBCA. The new platform will provide end-to-end machine identity management – with flexible and highly scalable certificate issuance and automated deployment of machine identities across complex enterprise and emerging IoT and OT use cases.

Machine identity management was introduced by Gartner in its Hype Cycle for Identity and Access Management Technologies, 2020 report and recognized as a “high” benefit in IAM. Even though machine identities, such as keys, certificates and secrets continue to outnumber human identities (e.g., usernames and passwords), they are often left out of an IAM strategy. Keyfactor customers recognize that cryptography is the critical infrastructure to ensure digital trust and help CISO’s achieve crypto-agility for their digital business.

PrimeKey’s employees will join Keyfactor, creating an unprecedented mashup of talent in the identity management space. Jordan Rackie will continue leading the organization as CEO and Magnus Svenningson will assume the role of chief strategy officer (CSO) and executive vice president (EVP) of business development. The combined company will have a global presence with offices in the U.S., EMEA and Asia-Pacific. The transaction is expected to close within the next 90 days, pending approval by the Swedish authorities.

This $125 million growth infusion, led by Insight Partners, adds to its initial $77 million investment in Keyfactor in 2019.

About Keyfactor 

Keyfactor is the leader in cloud-first PKI-as-a-Service and crypto-agility solutions. Its Crypto-Agility Platform™ empowers security teams to seamlessly orchestrate every key and certificate across their entire enterprise. The company helps its customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains.

With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe. Built on a foundation of trust and security, Keyfactor is a proud equal opportunity employer, supporter and advocate of growing a trusted, secure, diverse and inclusive workplace. For more information, visit www.keyfactor.com or follow Keyfactor on LinkedIn, Twitter and Facebook.

About PrimeKey 

PrimeKey is one of the world’s leading PKI and signing solutions providers and has developed several innovative products, including EJBCA^® Enterprise, SignServer Enterprise, PKI Appliance, PrimeKey SEE and Identity Authority Manager.

As a pioneer in open-source security software, PrimeKey provides global businesses and organizations the ability to implement vital security solutions, such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation. PrimeKey products are Common Criteria and FIPS-certified, the company’s internal processes are ISO 9001, 14001 and 27001 certified and it has numerous Webtrust/ETSI and eIDAS-audited customers.

PrimeKey has offices in Stockholm, Sweden; Aachen, Germany; San Mateo, USA; and Melbourne, Australia. With a global network of technology and reselling partners, PrimeKey supports a customer roster that includes industry-leading companies and institutions across the IT, telecommunications, industry, finance and public sectors. For more information, please visit www.primekey.com or follow on LinkedIn and Twitter.

Keyfactor, the leader in PKI as-a-Service and crypto-agility solutions, and Ponemon Institute today released the first-ever State of Machine Identity Management Report, a study exploring enterprises’ ability to manage and protect machine identities, keys and certificates in digital business.

Distributed workforces and the proliferation of connected devices have contributed to a rapid rise in the volume of machine identities. As a result, increased workloads, lack of visibility, misconfigurations and shorter SSL/TSL certificate lifespans are creating concern and risk for IT professionals and security leaders.

Additional key report findings:

• Certificate-related outages are widespread: 88% of organizations reported experiencing at least one unplanned outage due to expired certificates in the past 24 months. Another 41% reported four or more outages.
• The rate of failed audits is rising: on average, organizations experienced approximately five failed audits or compliance incidents due to insufficient key management within the past 24 months. Compared to other machine identity-related incidents, such as unplanned certificate outages or theft and misuse of keys and certificates, audit failures are considered the most serious, according to 75% of respondents. 
• Neglected SSH credentials and code signing keys are increasing security risk: 57% of respondents do not have an accurate inventory of SSH keys and 26% say they never rotate SSH credentials. Many enterprise teams continue to store sensitive code-signing keys on build servers (33%) and developer workstations (19%).
• Enterprises are struggling to establish internal policies, governance and best practices: only 1/3 of organizations report having a mature cryptographic center of excellence (CCoE) to support the direction and implementation of an enterprise-wide cryptography strategy. 
• Staffing shortages: 40% of respondents identified a lack of skilled personnel as a barrier to setting an enterprise-wide cryptography and machine identity strategy. Only 45% of teams say they have sufficient staff dedicated to their PKI deployment.

The study was conducted by Ponemon Institute on behalf of Keyfactor and includes responses from 1,162 IT and infosec executives and practitioners in North America and EMEA, spanning 12 industries, including financial services, healthcare, manufacturing, retail and automotive.

View the complete findings and download the 2021 State of Machine Identity Management Report today.

Keyfactor, the leader in PKI as-a-Service and crypto-agility solutions, and Ponemon Institute today released the first-ever State of Machine Identity Management Report, a study exploring enterprises’ ability to manage and protect machine identities, keys and certificates in digital business.

Distributed workforces and the proliferation of connected devices have contributed to a rapid rise in the volume of machine identities. As a result, increased workloads, lack of visibility, misconfigurations and shorter SSL/TSL certificate lifespans are creating concern and risk for IT professionals and security leaders.

Additional key report findings:

• Certificate-related outages are widespread: 88% of organizations reported experiencing at least one unplanned outage due to expired certificates in the past 24 months. Another 41% reported four or more outages.
• The rate of failed audits is rising: on average, organizations experienced approximately five failed audits or compliance incidents due to insufficient key management within the past 24 months. Compared to other machine identity-related incidents, such as unplanned certificate outages or theft and misuse of keys and certificates, audit failures are considered the most serious, according to 75% of respondents. 
• Neglected SSH credentials and code signing keys are increasing security risk: 57% of respondents do not have an accurate inventory of SSH keys and 26% say they never rotate SSH credentials. Many enterprise teams continue to store sensitive code-signing keys on build servers (33%) and developer workstations (19%).
• Enterprises are struggling to establish internal policies, governance and best practices: only 1/3 of organizations report having a mature cryptographic center of excellence (CCoE) to support the direction and implementation of an enterprise-wide cryptography strategy. 
• Staffing shortages: 40% of respondents identified a lack of skilled personnel as a barrier to setting an enterprise-wide cryptography and machine identity strategy. Only 45% of teams say they have sufficient staff dedicated to their PKI deployment.

The study was conducted by Ponemon Institute on behalf of Keyfactor and includes responses from 1,162 IT and infosec executives and practitioners in North America and EMEA, spanning 12 industries, including financial services, healthcare, manufacturing, retail and automotive.

View the complete findings and download the 2021 State of Machine Identity Management Report today.

96% of North American enterprise IT security leaders say public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architecture. Yet only 39% use PKI as part of their zero trust security strategy today according to an executive survey from Pulse Research and Keyfactor, the leader in PKI as-a-Service (PKIaaS) and crypto-agility solutions. The survey explores enterprise security priorities, the challenges of zero trust strategy implementation and the use of PKI and digital certificates within a zero trust architecture.

PKI is comprised of digital certificates and cryptographic keys that provide trusted and secure connections to protect user and machine identities. A zero trust model relies on trusted connections, controls and machine identity authentication to mitigate security risks and ensure machine-to-machine communications are secure.

Additional key findings:

• Adoption drivers: 68% are prioritizing zero trust strategy implementation for security risk mitigation with 50% citing time-to-breach detection reduction.
• Investment priorities: 72% of IT leaders cite cloud-first migration followed by remote workforce (65%) and digital customer experience improvements (46%).
• Budget allocation: 92% of respondents have allocated up to 20% of their 2021 technology budget to PKI and/or cryptography investments.
• Implementation challenges: 73% see technology gaps as their organization’s greatest barrier to implementation, followed by cost concerns (69%) and a talent or skills shortage (45%).
• PKI requirements: 71% of IT leaders are prioritizing key and certificate visibility, followed by enabling automation (56%) and cloud-first PKI deployment (49%).

The survey was conducted by Pulse Research on behalf of Keyfactor and included responses from 100 North American executive and VP-level IAM leaders in enterprises with between 5,000 and 10,000+ global employees.

View the complete findings and download the report today.