Public Key Infrastructure (PKI) is gaining in popularity once again, after it was widely seen as using a sledgehammer to crack a nut.
Julian Lovelock, Senior Director, ActivIdentity, a global leader in secure identity solutions, part of HID Global said that despite PKI's initial popularity, there was a backlash against it from businesses. It was seen as arbitrarily complex and required labour-intensive key ceremonies with other organisations to deliver some features such as encrypted or digitally-signed email.
It was written off as overly complex for mere mortal IT professionals, and surely there were simpler methods of authentication such as OTP that enterprises could use, Lovelock said. However that changed as PKI was adopted by governments and powerful credential management software (CMS) was developed to automate much of the donkey work.
He said that now Microsoft, Juniper, and Cisco built PKI support into their offerings thinks were getting much better.
The killer app turned out to be security threats caused enterprises to wonder what better authentication methods are out there.” Lovelock claims that PKI is getting a second look and new CMS appliances make it so IT doesn’t even have to understand PKI to deploy a military-grade smart card.
Lovelock claimed that PKI suffered from hype before the tools were in place to manage it. Security experts got over excited and describing the ultimate PKI solution possible, even though few Enterprise users needed some of the more esoteric, complex and labour-intensive features. When PKI vendors got carried away educating users about every possible use case, they turned potential users off of the most high-value, low-cost use cases,” he said.