The planned shortening of the lifespan of TLS certificates to 90 days should ensure more security. However, many companies are not prepared, a survey found. Credit: SomYuZu / Shutterstock Transport Layer Security (TLS) certificates form the basis for a secure internet connection. They encrypt the data that is transmitted between the browser, the website visited and the server. Last year, Google announced it was going to reduce the term of TLS certificates from 398 to 90 days to increase security. However, a Venafi survey of 800 IT security decision-makers from the US, the UK, France and Germany found that the majority (94%) of respondents are concerned about the effects of the shortened lifespan. A total of 76% of respondents believed that the shorter validity of TLS certificates would lead to more failures, and 81% believe that this will increase existing challenges in managing certificates. In addition, 75% of the participants fear that this could make them even more insecure. “Switching to shorter life cycles of certificates significantly reduces these risks and is a necessary step.” Venafi chief innovation officer Kevin Bocek said. However, he admits that “the introduction of 90-day certificates means that companies have to renew their certificates five times more frequently than before. This is a five-fold increase in effort.” Challenges caused by switching TLS certificates The survey shows that the shortened lifespan of TLS certificates presents companies with the following problems: Delayed provision: Only 8% of security leaders fully automate all aspects of managing TLS certificates across their company. Almost a third (29%) still use their own software and spreadsheets to solve the problem. As a result, it takes an average of two to three working days to provide a certificate. TLS conversion: The volume of TLS certificates used in companies has increased steadily in recent years due to the increasing adoption of the technology. Almost all (95%) security leaders say digital transformation initiatives increased their organization’s use of SSL/TLS by an average of 36% in 2023. As a result, the average company now manages 3,730 TLS certificates — a number that is expected to increase by 39% to over 5,000 by 2026. Certificate lifecycle management could help companies get a grip on the problems with TLS certificate conversion. Well-known solution providers include Venafi, digitcert, TrackSSL, appviewx, Keystash, Keyfactor. Related content feature What is OWASP? A standard bearer for better web application security The Open Web Application Security Project (OWASP) is an international nonprofit dedicated to providing free documentation, tools, videos, and forums for anyone interested in improving the security of their web applications. By Linda Rosencrance 28 Aug 2024 8 mins Internet Security IT Skills Application Security feature DNSSEC explained: Why you might want to implement it on your domain The Domain Name System Security Extensions provides cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it. By Lucian Constantin 26 Jul 2024 13 mins Encryption Internet Security Security news Port shadow: Yet another VPN weakness ripe for exploit Sharing connection information could be a problem among users of the same VPN server without proper protection, researchers have found. Corporate VPN servers in particular are vulnerable to the flaw. By David Strom 24 Jul 2024 5 mins Internet Security Network Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe