The planned shortening of the lifespan of TLS certificates to 90 days should ensure more security. However, many companies are not prepared, a survey found. Credit: SomYuZu / Shutterstock Transport Layer Security (TLS) certificates form the basis for a secure internet connection. They encrypt the data that is transmitted between the browser, the website visited and the server. Last year, Google announced it was going to reduce the term of TLS certificates from 398 to 90 days to increase security. However, a Venafi survey of 800 IT security decision-makers from the US, the UK, France and Germany found that the majority (94%) of respondents are concerned about the effects of the shortened lifespan. A total of 76% of respondents believed that the shorter validity of TLS certificates would lead to more failures, and 81% believe that this will increase existing challenges in managing certificates. In addition, 75% of the participants fear that this could make them even more insecure. “Switching to shorter life cycles of certificates significantly reduces these risks and is a necessary step.” Venafi chief innovation officer Kevin Bocek said. However, he admits that “the introduction of 90-day certificates means that companies have to renew their certificates five times more frequently than before. This is a five-fold increase in effort.” Challenges caused by switching TLS certificates The survey shows that the shortened lifespan of TLS certificates presents companies with the following problems: Delayed provision: Only 8% of security leaders fully automate all aspects of managing TLS certificates across their company. Almost a third (29%) still use their own software and spreadsheets to solve the problem. As a result, it takes an average of two to three working days to provide a certificate. TLS conversion: The volume of TLS certificates used in companies has increased steadily in recent years due to the increasing adoption of the technology. Almost all (95%) security leaders say digital transformation initiatives increased their organization’s use of SSL/TLS by an average of 36% in 2023. As a result, the average company now manages 3,730 TLS certificates — a number that is expected to increase by 39% to over 5,000 by 2026. Certificate lifecycle management could help companies get a grip on the problems with TLS certificate conversion. Well-known solution providers include Venafi, digitcert, TrackSSL, appviewx, Keystash, Keyfactor. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe