Retailers' Ticking Time Bombs? Expired Certificates
The continued ripple effect of the pandemic’s impact to all forms of retail has created a phenomenal digital disruption in the industry.
With online purchases expected to hit record numbers this year — $1 trillion, according to Adobe — cybersecurity is top of mind for any brand with an online presence handling transactions. With the number of transactions occurring online growing by the minute, the need for securing communication is paramount.
Digital certificates are the way to establish and extend trust during communication. These certificates are used as identities for machines and are provided by certificate authorities (CAs). Today, online retailers manage thousands of certificates regularly in their network infrastructure. These certificates must be monitored, tracked and renewed on time to avoid outages. The challenge, however, is that more than 61 percent of organizations still fail to properly manage one vulnerability that has the power to threaten a reputation: the digital certificate. The maintenance required isn't the only challenge; security is also a significant concern.
Why Do Retailers Need to Protect Digital Identities?
Diligent certificate management helps avoid issues like expiry and invalidity, which leave users open to attacks and system downtime.
The average certificate count of a business runs into thousands. Several variables are associated with managing one certificate. For example, there are multiple CAs, expiration dates, levels of encryption, network locations and much more. Considering these factors, the fact remains that an automated certificate lifecycle management process has numerous advantages over its manual counterpart.
The risks an expired certificate poses for retailers has a cascading effect, from unplanned outages to tarnished brand image, leaked customer data and financial losses.
Respect the privacy of customer data.
More than 95 percent of organizations experienced consequences that could cripple their operations just because they lacked digital certificate and key awareness. What’s more, 55 percent of these negative consequences were cybersecurity breaches.
Data breaches shake the foundation of trust with customers. As a retailer or e-commerce organization, you're responsible for ensuring security and privacy of customers by protecting digital certificates. This will help secure transactions by allowing remote access to point-of-sale devices and other applications across retail branches.
Protect critical business assets and build trust.
When a customer visits your application, digital certificates help determine their first impression of your enterprise. They often dictate the relationship and level of trust they will have with your brand going forward.
Personal and financial information in retail transactions is always a target for cybercriminals. With computers doubling in speed every two years, hackers are closer to completely spoofing your digital certificates every year through brute force cryptographic attacks alone. Therefore, even the most robust encryption standards of today will be considered weak and insufficient in only a few years.
Infinitely valid certificates also leave you susceptible to theft. Hackers can gain access to your digital certificates via a third-party application's vulnerabilities, invalidating your stolen certificates the moment they expire. The financial damage in this scenario compared to one where a certificate expires, causing an outage, is significantly greater.
Given these and other security concerns, it's crucial to enforce regular certificate expirations to protect the infrastructure with the strongest encryption available. Invest in an efficient certificate management solution to ensure on-time renewals to prevent all expiry-related outages.
Every industry has its compliance standards for encryption. Most retailers know they need to comply with regulations like the General Data Protection Regulation (GDPR), WebAuthn standard (W3C), and payment services directive (PSD2). It’s likely your business might be required to adhere to commonly accepted standards (for instance, replacing certificates periodically, regardless of expiry). In that case, tools can automate this process and perform periodic checks to ensure that you don’t end up paying hefty fines for noncompliance.
Embrace emerging tech.
For a secure and seamless omnichannel customer experience, retailers should invest in an efficient certificate lifecycle automation solution that helps with discovery, renewal, revocation, enrolment and reporting. With the IT tech talent shortage and the Great Resignation still ahead of us, an end-to-end management tool provides seamless integrations with CAs and network device providers, mobile device management platforms, security vendors, and more. It will help you stay proactive by keeping unauthorized users at bay, while building digital trust.
Murali Palanisamy is chief solutions officer at AppViewX, a modular software application that enables the automation and orchestration of network infrastructure and public key infrastructure (PKI) using an intuitive, context-aware, visual workflow.
Related story: Mitigating the Growing Cybersecurity Threat to Retailers