Online security has never been so important, and protecting corporate data from rising numbers of cyberattacks should be the top priority of every organisation – whether that’s universities, colleges, government or not-for-profit organisations.
Keeping web and email services secure
One way to boost your cyber security is through digital certificates. They help keep your web and email services secure, and allow you to send confidential data safely via the internet. This ensures trust and authenticity for people who interact with these services, while helping institutions keep their web and email services safe from attacks.
Here are 3 simple steps you can take to take control of your certificate management and ensure that your organisation is protected.
1. Save time and prevent risk with automation
If you’re not familiar with Automated Certificate Management Environments ACME – get ready to save yourself both time and stress!
Manual certificate renewals pose a challenge for busy IT teams, who must manually deploy and manage certificates. This is time-consuming and can create unnecessary risk.
ACME is a protocol for automating certificate lifecycle management communications between Certificate Authorities (CAs), like Jisc’s own certificate service, and a company’s web servers, email systems, user devices, or any other place where Public Key Infrastructure certificates (PKI) are used.
ACME helps to ensure certificates are correctly configured and implemented, without human intervention. This automation not only helps reduce risk but crucially allows IT departments to bring operational costs and processes under control.
Jisc’s certificate service has this built in, and there are also a range of free providers such as CertBot.
2. Take control with a central location for certificate management
Whether you’re purchasing certificates or utilising some free certificates from the likes of LetsEncrypt – it’s vital you can get a handle on these certificates from one central location.
The process of manually renewing certificates is challenge enough for busy IT teams. Let alone when these certificates are spread across multiple providers!
Jisc’s certificate service, provided by Sectigo, allows for certificate discovery and management, whether or not the certificate itself has been purchased via the Sectigo platform.
The Certificate Manager platform means that you can easily look up certificates that aren’t covered by the service using the discovery function and manage renewals accordingly. And, because ACME is already built in, you can reduce the admin burden on staff and save time by using ACME to automatically issue organisation validated (OV) and extended validation (EV) certificates. Nice and simple!
3. Evaluate and improve your network by simulating real-world attacks
While certificate issues are often lower priority on the list of potential security risks, it’s an easy one to make sure you’ve got right, and should be considered a key aspect of best practice when it comes to your cyber security.
Penetration testing is a great way to evaluate and improve your set-up, as it tests systems and networks against real-world cyber attack scenarios.
That’s not just so you can satisfy your own organisation that you’re mitigating cyber security risks – giving increased peace of mind – but also so that you can comply with third-party standards, for example when you connect to public-sector networks, for GDPR, Cyber Essentials compliance or processing credit card payments (PCI-DSS).
Jisc recommend that all organisations leverage penetration testing services, which can help you identify vulnerabilities, assess risks, and take corrective action. Jisc have their own penetration service, which you can take advantage of, alongside the plethora of other ethical hacking service providers, based in the UK.
If you’d like to learn more about the Jisc Certificate Service, how we can help you to take control of your certificate management, drive savings and improve your cyber security – please feel free to get in touch via certificates@jisc.ac.uk