3. CERTIFICATE ADMINISTRATION
Certificate administration has been around a while longer than virtualization.
“It really started around early 2000,” says Eckert. “It started picking up around 2002, 2003 in most industries, because Windows 2000 was the main purveyor of that.”
The costs for the stamps of approval verifying user identity through a certification authority such as VeriSign or E-Trust for technologies like secure socket layer and virtual private networks can add up, so having a certification authority within the company can make sense.
“But if you have a CA inside your company, you have to manage the deployment of certificates out to all the client computers and servers that need to particiapate in those technologies,” Eckert says. “It doesn’t cost you anything, aside from the server and Windows (licences), but it requires a lot of administration and it’s tied into security…One weak link in a security mechanism, like someone who gives out a password or compromises a certificate because he’s allowed to, because he’s an administrator, can take the whole system down.”
That’s a lot of administrative work, especially given certificates are being used for more technologies than they were even in 2000, Eckert says. Most companies can’t afford a dedicated certificate administrator, so “part of every admin’s job now it to worry about certificates and understand cryptography and how that can be implemented, and manage the implementation of it.”