Certificate management for Public Key infrastructure (PKI) is one of the most important ways for an organization to stay secure. It has an additional benefit of providing assurance to web site visitors that the site is “real” and not a questionable online scam.
The consequence of inappropriate certificate management can be dramatic. One the latest and best-known examples is Equifax, the beleaguered credit score company that was thoroughly discredited in a 2017 hack, the repercussions of which are still being felt today. This hack even impacted important US government agencies like Centers for Medicare and Medicaid Services, the Social Security Administration, and the Department of Veterans Affairs. At the time, the firm had no less than 300 expired software certificates, making it a prime target for hackers.
While hacks and cybersecurity breaches of government agencies and major businesses like Equifax, gets the most media attention, NGOs are at risk, too. And the same consequences can result in:
- legal jeopardy due to regulations like the EU’s GDPR,
- loss of public confidence,
- direct damage to operations and data.
Unfortunately, certificate management has traditionally been handled by inefficient and risky manual processes, resulting in poor record keeping and gaps in certificate maintenance. Not only is this inefficient, but it’s a recipe for a serious problem. Fortunately, organizations both large and small, have discovered there are new, highly automated ways to improve the process and make it both more secure and more efficient.
While NGOs and foundations, research institutes and small projects are fighting for environmental, social, advocacy and human rights we have found a way to offer a helping hand. Remme invites all who are on the same page as us and advocate the same security standards we espouse, to use Keyhub - our certificate lifecycle management tool - for free.
Keyhub will help to:
- Find all the active certificates for an organization in one place
- Bring together all certificates to one visible inventory
- Provide a network health overview in a dashboard
- Track expiration dates, main vulnerabilities, and provide alerts when needed.
If you are an NGO, foundation, charity, research institute, or similar body, and would like to apply to trial Keyhub without charge, send your request to team@remme.io, citing your organization and contact name. We will get in touch to propose an option that meets your requirements.