Certificate

Certificate Management

The Quantum Threat
As the CEO of FullProxy, I've always believed that staying ahead of technological disruptions is increasingly the most pressing concern for businesses and public sector organisations across the globe – not just from a cyber security perspective, but as a fundamental safeguard against business interruption....
The recent CA/Browser Forum meeting revealed significant changes to Apple's certificate lifecycles, and they seem to be following Google’s lead. With a proposal to reduce TLS validity periods to just 45 days by 2027, this adjustment to Apple's certificate lifecycles has sparked even more anxious discussion among IT professionals – yes, it’s frustrating, but it’s also important. 
Certificate management is a critical part of an organisation’s cyber security that cannot be ignored. Certificates are vital for protecting data transmitted between websites and users. If not properly managed, data could be at significant risk. One certificate option that organisations often consider is wildcard certificates, which provide some benefits but also carry security risks.
Certificate management has become a higher profile challenge recently thanks to Google’s well publicised intention to reduce certificate lifespans, acceptable for use in its popular browser Chrome, to a maximum of 90 days.
Google's announcement to reduce the lifespan of Transport Layer Security (TLS) certificates from 398 days to 90 days continues to be a hot topic of discussion among information security professionals, especially those directly involved in replacing and updating certificates. It’s especially frustrating because – although mooted back in April of 2023 – there’s still no confirmed date for its implementation. Yet Chrome browsers account for just over 50% of all UK web traffic (Statista), so there’s no avoiding the impact that this will have.