Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/27/2013
07:39 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

74 Percent of Enterprise IT Professionals Say SaaS Certificate Authorities Provide Greater Security Than Internal CAs

Survey Reveals SaaS Certificate Authorities Reduce Management Burdens Caused by Internal CAs such as Microsoft Certificate Services

Boston, MA – March 27, 2013 - GlobalSign, the enterprise SaaS Certificate Authority (CA), today announced survey findings revealing the advantages of using a public SaaS CA versus an internal CA, such as Microsoft Certificate Services, for digital certificate issuance and management. A full report with executive summary is available at www.globalsign.com/resources/saas-based-ca-report.pdf. Just as physical IDs ensure trust in the real world, digital certificates ensure trust across the Internet, establishing secure communications between servers, machines, people and enterprise cloud infrastructures. The GlobalSign survey revealed that 74 percent of enterprise IT professionals who responded find SaaS CA providers to be more secure than Microsoft Certificate Services. The survey also revealed that 55 percent of respondents use SaaS CAs to issue digital certificates, and 44 percent of respondents believe SaaS CAs significantly reduce the costs and management burden caused by internal CA processes.

Enterprises use two types of digital certificate services to secure data, their networks, cloud infrastructures and applications. Internal CAs require organizations to create, sign and manage certificates, a process requiring advanced knowledge of the Public Key Infrastructure (PKI) environment and significant time and human resources. SaaS CAs provide enterprises with trusted certificates, the latest in security technology, PKI service management, and fast and easy deployment, without requiring advanced PKI knowledge and significant resources.

“As enterprises become more dependent on digital communications, cloud infrastructures and mobile communications, the need for digital certificates will continue to rise exponentially, providing a challenge to enterprises everywhere," said Steve Waite, CEO of GlobalSign Americas. “The survey proved our initial belief to be true: SaaS CAs provide enhanced services, ease of management and superior security when compared to internal CAs. SaaS CAs allow IT departments to quickly implement certificate services that enable secure communications and protect sensitive data without the administrative burdens and technical headaches of internal CAs.”

Key Survey Findings: When asked about the administrative burden internal CAs such as Microsoft cause, respondents that answered revealed the following: • 45 percent feel that the management of certificates is too complex and that they would rather use a SaaS CA provider • 50 percent responded that they do not have the internal resources or staff with the technical expertise and audit requirements in digital certificates to use an internal CA • 53 percent do not want to bear the burden of maintaining the ever-changing PKI environment

When asked why it is easier to use a SaaS CA as opposed to Microsoft, respondents that answered revealed the following: • 47 percent say it is easier because they do not need internal PKI expertise when using a SaaS CA • 53 percent note that using a SaaS CA is easier because certificate policy standards are already established • 53 percent say SaaS CAs provide the most advanced, up-to-date security • 53 percent feel that the SaaS model eliminates management, upgrade costs and other burdens • 25 percent of respondents plan on increasing use of third-party certificates by over 50 percent in the next two years

For more information on the survey findings and to access the GlobalSign report, www.globalsign.com/resources/saas-based-ca-report.pdf.

The survey polled 154 respondents from various industries, including but not limited to financial services, healthcare, manufacturing, government, retail and technology. Titles of respondents include but are not limited to CEO, vice president, director, IT manager, network administrator and systems administrator. Not all questions applied to all respondents; percentages are based on the number of respondents who answered questions specific to each findings area.

For more information on GlobalSign visit www.globalsign.com. To follow GlobalSign on Twitter, click here. To interact with GlobalSign on Facebook, click here.

About GMO GlobalSign GlobalSign has been a trust service provider since 1996. Its focus has been, and always will be, on providing convenient and highly productive PKI solutions for organizations of all sizes. Its core Digital Certificate solutions allow its thousands of authenticated customers to conduct SSL secured transactions, data transfer, distribution of tamper-proof code, and protection of online identities for secure email and access control. Vision and commitment to innovation led to GlobalSign being recognized by Frost & Sullivan for the 2011 Product Line Strategy Award. The company has local offices in the US, Europe and throughout Asia. For the latest news on GlobalSign visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign).

GMO Internet Group GMO Internet Group is a comprehensive provider of industry-leading Internet solutions including domain name registration, cloud-based and traditional hosting, ecommerce, security, and payment processing services that each hold the top share of their respective markets in Japan. Other key business areas for the Group include online securities/FX trading, Internet advertising, search engine marketing and online research, and smartphone game development and publishing. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. Please visit http://www.gmo.jp/en for more information.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-2319
PUBLISHED: 2019-12-12
HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM84...
CVE-2019-2320
PUBLISHED: 2019-12-12
Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ805...
CVE-2019-2321
PUBLISHED: 2019-12-12
Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...
CVE-2019-2337
PUBLISHED: 2019-12-12
While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ809...
CVE-2019-2338
PUBLISHED: 2019-12-12
Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastruc...