Skip to main content
certificate expiry image

The challenge of monitoring Zero Trust environments

When SpaceX’s satellite low-latency broadband service Starlink went down for a few hours in April, it not only annoyed users around the world but also highlighted a little-discussed issue. What caused it? An expired digital certificate.

Digital certificates verify the identity of the sender/receiver of an electronic message to protect your website, network or devices. Every certificate has an expiry date written into it. But if it has expired, there is often no way to tell until the damage is done. In one report, 88% of companies reported that they have experienced at least one outage in the past 24 months related to an expired certificate.

When one expires undetected it can create all sorts of havoc, from Wi-fi access for your users (witness Starlink) to an interruption in your trade flow, causing damage to revenues and reputation. As digital transactions grow, so do issues with expired certificates.

Zero Trust and digital certificates

The Zero Trust approach is a good way to look at this. This approach involves being always inherently suspicious of all users. And the foundational element of this trust is in using digital certificates to verify these users. If the certificates are expired, your organization can be vulnerable to cyberattack and other issues that cause outages.

The benefit to taking a Zero Trust approach is clear. If you assume every piece of software is not trustworthy, and you oblige users to prove they are authorized to access the software every single time, the risk of hacking becomes negligible in comparison.

But years of rapid digital transformation have left many IT systems straining under the weight of new technology they can no longer comfortably manage. Most technology-reliant sectors are operating on legacy systems that prevent them from transitioning towards a Zero Trust approach.

Monitoring digital certificates

As they continue to evolve their IT architectures, there needs to be a way to check – and fix – digital certificates that are about to expire. Monitoring can help. With ITRS Geneos, we have created an innovative way for our clients to keep track of expiring certificates. They can identify all of the certificates, then visualize and understand their expiry dates.

At that stage Geneos proactively notifies and alerts support teams, who can immediately resolve the problem. This helps to prevent any future application and service problems. It’s clear that legacy technologies are holding businesses back when it comes to increasing operational resilience and efficiencies. But the troubling reality is that they also make you more vulnerable to cyber-attacks should your digital certificates expire.

Learn more about how ITRS Geneos and ITRS Professional Support teams can help your organization avoid a Starlink event by clicking below.

Zero Trust starts here