SSL certificate management essential, white paper says

SSL certificate management essential, white paper says

A white paper from VeriSign and Symantec say that while tools like Symantec SSL certificates are great and make customers feel safe, there may be something lacking among many companies - proper management of the sensitive certificates.

"Enterprises with hundreds of SSL certificates from several providers could lose track of certificates in their environment," the white paper said. "When this happens, certificates could expire and go unnoticed for months, leaving website visitors vulnerable to hackers."

Unfortunately for many businesses, the first sign their SSL certificates have been compromised or expired is when a customer tells them. This can severely hurt a business' reputation and will leave companies vulnerable to hackers and information breaches. All of this goes toward the case for proper management of SSL certificates.

The white paper said key features to look for when searching for a way to electronically manage SSL certificates include the ability to scan automatically, an easily usable interface, flexibility and alerts when a certificate may expire or could be compromised.

"In a multi-certificate, multi-CA enterprise environment, getting a comprehensive view of SSL security is essential," according to the white paper. "Knowing the status of every certificate across sites and networks can not only help control customer service costs, but also lower the burden of SSL administration, giving busy IT teams more time to concentrate on other business-critical projects."

Rigorous management of SSL certificates can also prevent breaches and other security incidents that can hamper sales and the relationship with customers.

Another white paper from VeriSign and Symantec said the management of SSL certificates should be kept simple. Companies with good management should perform an audit of all domains and certificates, consolidate these certificates into a singular managed account, define a process for the entire company, have alerts for when certificates will expire and if they are breached and be sure to revoke and replace certificates as soon as it is needed. This will help keep a company safe and customers happy.