Over and out: Why expired machine identities represent a growing business risk


Spotify users recently experienced an event that is becoming all too familiar to digital consumers. They were left unable to listen to their favorite podcasts for hours after a TLS certificate at the streaming giant expired. Although certificates, or "machine identities," like these are intended to provide a backbone of trust across the online world, they are also increasingly challenging for organizations to manage. Digital transformation is driving an unprecedented expansion of machine identity volumes across the globe. That’s bad news for the security teams tasked with managing them. When even one expires, it can lead to chaos.


Spotify is certainly not the first big-name brand impacted in this way. And it definitely won’t be the last. The message is clear: brands need a more efficient, automated way to manage these identities if they want to optimize cybersecurity and service uptime.


An expensive challenge

While human identity is authenticated and secured via usernames and passwords, machine identities use keys and certificates to validate the legitimacy of information flowing between authorized machines. They can be used to secure privileged access, DevOps assets and web transactions, authenticate software code, and enable secure, remote access to enterprise networks. But what happens when those identities expire? A certificate-related outage of the sort that recently affected Spotify creates downtime and security risks until it is resolved.


That could end up having a major financial and reputational impact. Exactly how much is open to debate, as accurate data is difficult to come by. A Gartner study from years ago puts the figure at $5,600 per minute of IT downtime. A more recent expired machine identities represent growing business