SSL Monitoring, Trust, and McLOVIN
The recent ServiceNow Secure Sockets Layer (SSL) certificate error disrupted operations for hundreds of organizations, causing widespread connectivity failures. IT operations stalled, developers hit roadblocks, and businesses across industries felt the impact. The culprit? An expired SSL certificate.
While these disruptions highlight the importance of SSL monitoring, they point to a deeper issue: trust.
When I asked Google, ‘What is the role of an SSL certificate?’, I received multiple responses. Here are a couple:
“An SSL certificate is a digital credential that plays a pivotal role in establishing secure connections over the internet, serving as a trust indicator and ensuring data encryption and authentication during online interactions.” – ServiceNow
“An SSL certificate, or Secure Sockets Layer certificate, is a digital object that helps to secure network communications and establish trust between a website and its users.” – Google AI Overview
To confirm how important the idea of trust is, notice how both definitions included that exact word.
What happened?
On September 23, 2024, at approximately 0216 UTC, impact from the expiration of a management, instrumentation, and discovery (MID) server’s certificate began. According to the ServiceNow advisory, “this issue may be impacting your Integrations, Orchestration, Discovery, and MID Server Script Executions that rely on MID Servers or instance-instance communication, such as Instance Upgrades, Update Set retrieval, AI Search, Virtual Agent, and Cloning between instances”.
This certificate error also comes on the heels of another trust erosion incident in which internal knowledge base (KB) articles could be accessed from an external (read, unauthorized) perspective. While we expect these types of operational incidents at organizations of all types and sizes (it’s not a matter of if, it’s a matter of when), we also expect learning from them.
What does SSL monitoring have to do with “trust”?
The obvious answer to, ‘Why monitor SSL?’ may be apparent when you read a headline indicating hundreds of organizations and businesses’ operations were disrupted. More importantly, though, it’s about preserving trust.
In this Forbes article, Catchpoint CEO Mehdi Daoudi explains how trust is ‘the silent commodity that’s bought and sold with every transaction’.
We trust that when we purchase health and beauty products, we are not smearing damaging products on our hair or skin. We trust that when we deposit a mobile check, our money will be deposited safely. And when we can put a name to the companies that sell these products or services, then we can talk about building or preserving reputation.
This is exactly why we built our SSL monitoring to accompany our other suite of critical business capabilities.
Examples include capabilities that ensure internet network traffic is not hijacked, that users get their expected results, and that their information is protected and secured.
But what does this have to do with McLOVIN?
Now considered a meme, the moment McLOVIN’s Hawaii driver’s license was presented perfectly illustrates a store clerk questioning whether to trust an ID’s validity. Think about it: consider an ID issued by an authority. Now consider traveling to a different state or country (as an example). When presenting that ID, people need to be able to trust it is a valid ID even though it was issued by an entity outside of their region.
In this vein, validating an SSL certificate is quite like validating a driver’s license. Both processes involve checking the authenticity and current validity of a credential. When you validate a driver’s license, you check the expiration date, ensure the photo matches the individual, and verify that the license hasn’t been revoked or suspended. This process ensures that the driver is legally allowed to operate a vehicle (or old enough to purchase alcohol!) and that their credentials are up to date.
Similarly, validating an SSL certificate involves checking its expiration date, confirming that it is issued by a trusted Certificate Authority (CA), and ensuring that it hasn’t been revoked. This process ensures that the website can securely encrypt data and that users can trust the site’s identity.
In both cases, the goal is to maintain trust and security. An expired or invalid driver’s license can lead to legal issues and safety concerns, while an expired or invalid SSL certificate can lead to security vulnerabilities, business disruption (as with this ServiceNow incident), loss of user trust, and potential data breaches. Regular SSL monitoring helps prevent these issues by ensuring that the credentials are current and trustworthy.
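The expiry and issuer checks described above can be automated. The following Python is an added example, not code from the article or from any vendor: the alert thresholds, host names and certificate dates are constructed assumptions, and revocation is not covered.

```python
import socket
import ssl
from datetime import datetime, timedelta, timezone

WARN_DAYS, CRIT_DAYS = 30, 7  # assumed alert thresholds, not from the article

def fetch_cert(host, port=443, timeout=5.0):
    # create_default_context() validates the chain against the system trust
    # store and checks the hostname; failure raises SSLCertVerificationError.
    # Revocation (CRL/OCSP) is not checked here and needs a separate probe.
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def parse_cert_time(text):
    # getpeercert() dates look like "Oct  1 00:00:00 2024 GMT"
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(text), tz=timezone.utc)

def classify(cert, now):
    """Map a getpeercert()-style dict to (status, whole days to notAfter)."""
    not_before = parse_cert_time(cert["notBefore"])
    not_after = parse_cert_time(cert["notAfter"])
    days_left = (not_after - now) // timedelta(days=1)  # floors; negative once expired
    if now < not_before:
        return "NOT_YET_VALID", days_left
    if now >= not_after:
        return "EXPIRED", days_left
    if days_left < CRIT_DAYS:
        return "CRITICAL", days_left
    if days_left < WARN_DAYS:
        return "WARNING", days_left
    return "OK", days_left

def audit(inventory, now):
    """Return (days_left, host, status) for every non-OK cert, most urgent first."""
    graded = ((host, *classify(cert, now)) for host, cert in inventory.items())
    return sorted((days, host, status) for host, status, days in graded if status != "OK")

# Constructed inventory: hypothetical hosts and dates, not real certificates.
SAMPLE_INVENTORY = {
    "mid.example.test": {"notBefore": "Oct  1 00:00:00 2023 GMT", "notAfter": "Oct  1 00:00:00 2024 GMT"},
    "api.example.test": {"notBefore": "Jan  1 00:00:00 2024 GMT", "notAfter": "Jan  1 00:00:00 2025 GMT"},
}

if __name__ == "__main__":
    for days, host, status in audit(SAMPLE_INVENTORY, datetime.now(timezone.utc)):
        print(f"{status:13} {host} ({days} days)")
```

To monitor live endpoints, build the inventory with `fetch_cert(host)` for each host you own; a handshake that raises `ssl.SSLCertVerificationError` is itself a finding.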
In summary
Businesses should use SSL monitoring to ensure their certificates don’t expire because expired SSL certificates can lead to security vulnerabilities, loss of customer trust, potential downtime, and damaged reputation. SSL monitoring as part of a larger, comprehensive IPM strategy helps maintain continuous encryption, protecting sensitive data and ensuring a seamless, secure user experience. And while McLOVIN might not appreciate it, this proactive approach safeguards the business’s reputation and prevents costly disruptions.