London: Venafi Inc., the inventor of and leader in enterprise key and certificate management (EKCM) solutions, today announced the availability of Venafi Assessor. Assessor is a downloadable, easy-to-install, free software solution that scans an organisation ’s network to locate and analyse deployed digital certificates and the associated encryption keys. Assessor produces a series of reports that detail the security, operational and compliance risks derived from the data it collects. Additionally, Assessor provides remediation recommendations based on industry best practices and the aggregate experience of Venafi customers.
Organisations protect critical and often regulated information with certificates and keys, yet 70 percent of companies have inaccurate or incomplete data about their growing encryption populations according to a recent Venafi survey. Recent Venafi Assessor analysis has found that organisations performing basic inventory assessments often discover three to five times more Secure Socket Layer (SSL) certificates than they expected to find on their network. As a result of these unknown and therefore unmanaged certificates, organisations are vulnerable to unplanned outages, security compromises and failed audits.
Leading IT research and analyst firm Gartner, Inc. recently indicated that organisations with roughly 200 or more X.509 certificates are high-risk candidates for costly unplanned downtime and brand damage. In the X.509 Certificate Management: Avoiding Downtime and Brand Damage report, published Nov. 4 2011, Gartner analysts Eric Ouellet and Vic Wheatman write, “Organisations are often unaware of the scope or the validity status of their X.509 certificate and key deployments until it is too late. Organisations need to establish formalized plans and, if necessary, leverage available tools to minimize impacts.” Download the full report here.
“Having worked with many of the world’s largest companies, our experience is that enterprises have inaccurate and incomplete data about their certificate and key populations,” said Jeff Hudson, Venafi CEO. “The unquantified and unmanaged risks these security instruments pose are significant. The risks are increasing because certificates are being rapidly deployed within corporate data centers, on cloud-based systems, and onto mobile devices. With Assessor, organisations can quantify the extent of their risks, turning assumptions about their certificates and encryption keys into hard data. We are now providing this capability to organisations at no cost.”