The Challenge
EQ Bank lacked a centralized certificate authority and relied on manual, ad hoc certificate issuance across teams. As certificate usage increased, expired and unknown certificates caused outages and pulled resources away from critical work. Rapid growth and cloud adoption made it clear that first-generation tools could not scale.
We had DigiCert for publicly trusted certificates, but we didn’t have an internal certificate authority (CA), and there were only ad hoc processes for application owners to request and provision certificates. IT and infrastructure teams would just issue their own certs in development environments and move on.”
-
Scalability limitations
Legacy tools and manual processes could not keep pace with support rapid growth in cloud and DevOps environments.
-
Certificate Sprawl
Rapid growth in application and machine certificates without a centralized issuance or management model.
-
Operational risk
Lack of visibility into certificates led to outages that disrupted operations and productivity.
The Solution
Cloud-Hosted PKI with Full Automation
EQ Bank selected Keyfactor as the only solution that combined a fully managed, cloud-hosted certificate authority with complete certificate lifecycle automation. The platform provides centralized visibility for security teams while enabling developers to easily deploy certificates through APIs and DevOps integrations. Keyfactor integrates seamlessly with Azure Key Vault, Kubernetes, and Istio.
Certificates would expire, but we would not know until systems went down. Since deploying Keyfactor, we have eliminated these incidents entirely.”
Keyfactor enabled EQ Bank to migrate from on-premises Microsoft CA to a cloud-hosted PKI in under two months.
Business Impact
EQ Bank successfully shifted PKI to the cloud, achieving SOC 2 Type II compliance and standardizing certificate issuance across teams. Complete discovery and inventory eliminated blind spots, enabling rapid remediation of weak or self-signed certificates. Automation of renewal and deployment workflows removed outages entirely while accelerating DevOps delivery.
-
Operational resilience
Eliminated certificate-related outages through automated renewal, policy enforcement, and DevOps integration—freeing up security and IT resources.
-
Developer Velocity
Self-service and API-driven workflows enable developers to provision security-approved certificates in minutes without slowing innovation.
-
Workforce efficiency
Centralized visibility and automation freed up the equivalent of two full-time employees, allowing teams to focus on higher-value security and infrastructure initiatives.
“Our DevOps team doesn’t need to jump through hoops anymore to get things done. Now they can move faster and rotate certificates more frequently with zero downtime.”
