What is the misunderstood, unloved, and overly complicated security technology that underpins most modern digital solutions?

#PKI. Public Key Infrastructure. It’s where my career in security began.

Digital #certificates protect so many things we use. From this website you’re visiting (check the 🔒 icon on your address bar to be sure), to your ability to use your LinkedIn login to federate to other sites, to the authenticity of the patch just applied to update your browser… And it’s just scratching the surface.

PKI has gone from #security technology to #infrastructure. And if you are a user of Microsoft Teams, today you may have seen a failure of that infrastructure.

Microsoft Teams, like many modern solutions, has a separate front-end and back-end, connected through an #API. And communicating over this API requires a valid PKI certificate.

Unfortunately, Microsoft allowed this certificate to expire, which meant that the back-end didn’t trust the front-end any longer. And you couldn’t chat with your team.

All infrastructure needs regular checks and maintenance, and PKI is no different.