"One of the most interesting findings is that companies are using their PKI for many more things that originally intended," says John Grimm, senior director of Product Marketing at Thales e-Security.
"But where we're heading and seeing is that the PKI that they are reliant on isn't up to the task and wasn't designed to do what people need it to do."
Enterprises are running up to seven applications off a PKI that was designed for one or two applications, Grimm
Also, some of these systems are older and not able to handle modern encryption protocols and key lengths.
The companies need to develop a transition plan to modernize PKI, Grimm
This is necessary to not only update legacy systems but also enable system for cloud access.
But this leads to another issue, there's a lack of expertise when it comes to supporting these legacy systems, Grimm
Often the employees that stood these up are long gone and there's nobody on staff that has the knowledge to transition to a modern system.
There's also the train called IoT speeding down the tracks towards enterprises, Grimm
This could see an explosion for PKI as each device is issued a certificate but these call for modern, flexible and scalable systems.
Enterprises are trying to figure out the best way to use PKI to secure these systems.
The survey found other issues when it comes to PKI as well.
Enterprises are protecting their PKI root keys primarily with passwords.
This is not ideal and enterprises should be using hardware security modules, Grimm
Only 28% of those surveyed were using HSMs.