Earlier this week, several LinkedIn users reported the apparent inaccessibility of the website via certain browsers, owing to an insecure connection. The root cause of this mishap was later revealed to be an expired certificate–more specifically, a TLS certificate on their URL shortener (lnkd.in) which wasn’t renewed on time.
Here’s what a LinkedIn spokesperson had to say on the matter:
“We had a brief delay in our SSL certificate update yesterday, which was quickly fixed, and member data was not affected.”
Surprisingly, this is the second time in two years that the website is encountering such problems, the last known occurrence being in 2017. While no lasting damage was done due to LinkedIn hastily renewing the certificate in question (set to expire in 2021), this particular incident brings a far more serious concern to light : The long-term implications of certificate-related problems for both businesses and users.
Large corporations like LinkedIn, which are responsible for the personal data of millions of users across the globe, have a lot to lose when confronted by critical security concerns like this one. While this mishap passed without incident, expired certificates could lead to potentially devastating episodes. These could range from significant damage to brand value, to implicit loss of revenue caused unavailability of services to customers, to disastrous data breaches that could take any organization months to recover from. According to cyber security website CSOOnline, an global 5000 company incurs expenses of $15 Million on average to recover from outages caused by certificate expirations. Alarmingly, Gartner projects a business loss of $5600 a minute when a firm is hit by an unexpected certificate-related outage. That’s a hefty price to pay–and an unnecessary one, to boot.
The prevalence of certificate-related complications can be pinned on the relative lack of knowledge surrounding the monumental role certificates play in a business’ overall security. What’s more, digital transformation in the 21st century has birthed a massive boom in the number of entities that require certificates, leading to difficulty in managing these certificates efficiently.
Certificate lifecycle management software is a viable solution to this problem. In addition to giving users visibility into their certificate infrastructures, it also boasts of features that automate the renewal and maintenance of every certificate in an organization’s inventory, helping mitigate contingencies like the one LinkedIn just encountered–potentially saving businesses millions of dollars in litigation, losses, and trust.
AppViewX CERT+ is a market-leading certificate lifecycle management solution, and it does a lot more than just managing certificates. Sign up for a free demo here, and ensure your business’ cyber safety today!