^{Security certificate expirations open the door to hackers. Digital workflows can keep your data safe and your certificates up to date.}

CIOs, CISOs, and enterprise IT leaders have spent decades building defense-in-depth cybersecurity architectures to seal off security holes from rogue attackers. But, like a day-trader working around the clock to find the next big trade, day-hackers are relentless in seeking out the next big hole. 

One of the biggest and easiest holes to exploit is the one that opens up when a company forgets to renew one of their TLS (transport layer security) certificates. Just one expired certificate outage can result in a huge financial loss, costing an  average of $15 million to recover. Even worse, can lead to a breach of your customers’ private information, sinking your reputation and wiping out trust in an instant. 

In the midst of managing global enterprise IT, renewing one of your TLS certificates can easily slip through the cracks. And if it does, their expiration opens the front and back doors to hackers.

Unplanned certificate expirations have been the reason behind some of the most massive outages and data breaches in history, including LinkedIn, Microsoft, Ericsson, and most recently, Google Voice. Recently, a well-known Fortune 500 company spent months with an expired PKI (public key infrastructure) certificate. All the while, day-hackers were inside pilfering customer data and trust, neither of which will be regained.

The lifespan of new TLS certificates is limited to 398 days, down from the previous maximum certificate lifetime of 825 days per the Certificate Authority Browser Forum is a voluntary consortium that governs how certificates are managed and audited. The cap on expiration improves a businesses’ security posture, but now companies must be doubly aware of renewing their certificates—a process usually done manually by your public key infrastructure team and oftentimes managed in spreadsheets.

So what’s an enterprise to do? Workflow it.      

Get ahead of expirations

With automated workflows, companies can get ahead of certificate expirations—and avoid outages. Automated workflows can be set up to flag every TLS certificate well in advance and get them renewed before they ever have a chance to expire. 

A digital workflow platform can help you create workflows that manage the entire TLS lifecycle. Once your certificates are managed on a single platform, you will be able to:

See all of your certificates in one place 

Automatically discover your deployed certificates, creating a centralized inventory in your CMDB. 

Avoid service outages and security breaches 

Drive optimized certificate renewal processes, including renewing soon-to-be-expired certificates and raising incidents for expired tickets. 

Focus on what matters 

Prioritize renewal of certificates that support mission-critical services and eliminate the cost of renewing certificates that are no longer needed. 

Reduce operational effort 

Improve your certificate management processes with service-aware workflows that automatically assign work to the right application and service owners and track its progress. 

Scale for digitization 

Keep pace with rapidly increasing certificate volumes as your business digitizes more and more processes and adopts cloud-based microservice architectures.

ServiceNow’s Certificate Inventory and Management solution allows you to discover, take inventory of, and proactively manage all your TLS certificates. It keeps you informed of impending expirations, creates certificate tasks via workflows to renew expiring certificates, and creates incidents for already expired certificates.

It seems strange that such huge consequences would hang upon something as mundane as renewing a certificate. And yet, here we are, in a world where, among other things, a partial U.S. government shut down led to multiple expired security certificates that took down more than 80 federal websites.

From NASA to the DOJ, citizens were unable to access the sites and services they depend on. Even worse, those websites—and the sensitive data therein—were left vulnerable to malicious actors, both domestic and foreign. Let’s hope businesses everywhere take this cautionary tale as a cue to implement digital workflows to automate their certification renewals—for the good of their customers, their reputation, and their bottom line. d

^{How rapid development on low-code platforms can help government agencies speed recovery.}

If there was a theme song for the public sector these days, it would undoubtedly be “Under Pressure” by Queen and David Bowie.

Now, more than ever, governments are under pressure to provide new services to citizens and more productive environments for public sector employees. Increasingly, they are responding by using low-code development platforms to accelerate innovation and provide critical services to the public.  

Experts predict that more than 500 million new business apps will be created in the next five years—more than all of the apps created in the past four decades. Couple that with an estimated shortage of about 1.4 million software developers in 2021, and you can see why the public sector is turning to low-code platforms to develop new solutions in record time with minimal resources.

Compared with traditional development technologies and platforms, low-code makes it possible for governments to build modern, professional applications that serve public sector workers and citizens with simpler programming and minimized time and cost.  

The increase in public demand for new digital services isn’t slowing down anytime soon. Low-code can help take the pressure off.

Supporting diplomats during Covid

The need to save costs and provide secure services with low-code technologies has accelerated during the pandemic, with many agencies tasked with delivering new services rapidly to address public safety.

The U.S. Department of State (DoS) has been using ServiceNow’s low-code App Engine to quickly provide critical services to diplomats around the world. During the early days of the pandemic in 2020, DoS was able to develop and deliver almost a dozen mission-critical apps in just a few weeks.

“These were big apps that tracked every country on the planet and what their Covid-19 requirements were,” said principal deputy CIO of the U.S. State Department Michael Mestrovich, in an interview with MeriTalk. “If you came from North America to Great Britain, did you have to quarantine? If you went from Great Britain to Germany, did you have to quarantine? If you did, what were the quarantine requirements? So, there’s a huge tracking mechanism that shows what phase these countries are in, what phase our posts are in, and the COVID requirements for each. All that was done through ServiceNow’s low-code platform.”

Once an app was developed, Mestrovich’s team could then iterate on it as new requirements came up. “That’s a huge success story,” said Mestrovich. “Before it would have taken us months to figure out the application requirements and then go back to development. But, with these low-code platform-based services, we’re able to iterate on those almost instantaneously.”

Issuing grants fast

In response to the CARES Act in March 2020 and the 2021 American Rescue Plan Act, federal agencies are turning to low-code platforms to help streamline grant distribution and support citizens. 

One example of this is a U.S. federal agency that used App Engine to build and deploy a Telehealth Grants Application. Created during the pandemic, the application helped manage the distribution of grant funding to healthcare providers seeking to improve telehealth programs and better serve their patients. Because it was built using low-code, the team didn’t have to spend time developing custom components and code. Instead they focused on business requirements, transparency and oversight, and the timely delivery of funding to providers. 

Fighting fires

In 2020, wildfires destroyed almost twice as many acres across the U.S. as in all of 2019. 

Tackling these blazes is a mammoth task, with thousands of people and dozens of agencies working together to protect life and habitat. Team integration, clarity of information, and speed of communication are critical for an effective response. One federal agency was able to use ServiceNow’s low-code App Engine to rapidly establish a centralized platform from which teams could coordinate efforts. 

Previously, dispatchers responding to the report of a fire manually entered geo-location coordinates into 26 separate systems. One wrong number and life-saving support could be delayed or sent to the wrong place. With the low-code Interagency Resource Ordering Capability (IROC), officials can track and manage wildfire response resources in real time. All aircraft, equipment, crews, and supplies are easily viewable and deployable in the system, speeding response—and saving lives and property.  

Importantly, this low-code application was built in months. With traditional technologies, it would have taken years. That’s the true impact of low-code platforms—and we’re only just scratching the surface of what these platforms can do.