But certificates for email are only a small part of the problem. Thanks to the adoption of complex infrastructures like IIoT, JSON Web Tokens, and Kubernetes, enterprises already have hundreds of thousands of machine identities in use, secured by SSL/TLS certificates with lifetimes ranging from years to minutes. A single physical device can run hundreds of short-lived workloads. And certificates are often poorly managed and secured, even by companies in regulated industries like finance. Erik Wahlstrom, VP Analyst at Gartner, reckons that there are typically more machine identities than human ones. That number continues to grow, especially with the adoption of AI tools that require credentials for both the systems they access and the people they act on behalf of. According to a study by Coleman Parkes for automation provider Venafi, companies with more than 10,000 employees will have up to 1.3 million machine identities and certificates to manage by 2025.

But manual scripts, spreadsheets and homegrown automation aren’t enough to support those numbers, especially since most organizations have little visibility into how many certificates and machine identities they already use. “When people do a more comprehensive discovery and inventory, they’ll be shocked at how quickly that number is growing,” says Geoff Cairns, principal analyst at Forrester Research.

The fact that workloads are stored digitally in different databases and user stores doesn’t help. “They all require identifiers and credentials like certificates, secrets and keys, and companies have to manage all of that,” says Wahlstrom. But that doesn’t usually happen, and the scale of this challenge is underestimated, he adds, if companies don’t have a tool in place to help them manage all of that in their hybrid and multi-cloud environments.