Avoiding Costly Downtime
Solution to costly downtime issues saved hundreds of thousands more than expected
A Fortune 500 financial services client needed to improve the way they managed certificates and keys. Their process was well documented but completely manual and relied on several color-coded Microsoft Excel spreadsheets.
Their system was also costly. An expired or misapplied certificate could result in lost revenue that was often measured in thousands of dollars per minute. The company estimated it had lost hundreds of thousands in revenue per year due to these issues.
Master spreadsheets were recreated each year and IT employees had to conduct in-depth inventory reviews, send e-mails and make phone calls to track down missing information.
The planning process was treading water. There was no forecast for expiring certificates, which resulted in crisis management rather than a proactive work plan.
Each certificate averaged 8 hours of work per year. In most cases, multiple departments had their hands in the work flow with up to 54 required approvals. If the process was delayed or not prioritized properly by any department, certificates would expire
The company was tracking 1,266 certificates and was confident that was all they had.
Creating A Custom Solution
ASMGi looked at ways to improve the process and consolidate steps through automation where possible.We implemented a software tool called Venafi. The Venafi system identified over 15,000 active certs. The count was verified and panic ensued.
Full reporting was developed. The Venafi analytics gave deeper insight and predictability to the entire process. Manager escalations were built in to address departmental delays. A daily trending report was automatically generated, illustrating where certificates were spending their time. These reports would predict bottlenecks based on busy time periods in the certificate lifecycle and help managers plan accordingly.
Another custom report gave greater predictability into cost. The report showed certificates that had been created, the cost per certificate and the projected volume compared to the prior year. That report also revealed opportunities for optimization in pricing. For example, the purchase of a wildcard certificate could save money when more than 10 domains attached to a single certificate.
The company was relying on the reduction in downtime to fund the project, but realized significantly greater savings through additional process improvements.
The reporting revealed an over-purchasing of certificates. In total, there was a 14% reduction in external certificates managed, each of which costs money to install.
The process improvements ASMGi identified cut the number of steps in the process by 37%. The certificates now averaged 28% less time to process, a savings in labor costs that covered the cost of the entire project in a single year. And because the certificate process is annual, the savings will continue in future years.
► 14% savings in external certificate costs
► Significant reduction in downtime
► Savings are incremental and recurring annually
► Operational security improved dramatically
The ASMGi Advantage
The selection of Venafi as the certificate management platform also delivered major security benefits.
While security was not part of the initial scope of this project, Venafi is a tool commonly used by the ASMGi Security and Governance, Risk and Compliance team. The client not only is managing its certificates more efficiently, but now has best-in-class protection against certificate and key attacks. Gartner predicts 50% of all network-based attacks will use SSL/TLS by next year.
While tasked simply to manage the spreadsheets, ASMGi saw an opportunity to lessen downtime and create more efficiencies to bring deeper value to our client.
This practical approach saved our client hundreds of thousands of dollars more than they anticipated.