On Friday 30th June 2023 the Bank of Ireland experienced an outage that left online and mobile customers unable to access their accounts and services. The outage appears to have been due to an expired SSL machine identity. As a result of the outage the bank was forced to extend business hours across over 90 branches and expand its call centre team to support customers during one of the busiest days of the month.
Machine identity expert, Kevin Bocek, VP Ecosystem and Community at Venafi, says that the whole issue was completely avoidable:
“Having an outage of this scale on the last Friday of the month is a disaster for a bank. Customers have been unable to pay wages, bills have gone unpaid, it’s chaos. The operational costs of having to open over 90 branches and add additional staff to customer services will come with a hefty price tag, but the long term impact on trust and reputation could be even worse. And it appears to have been totally avoidable, as it was due to an expired SSL machine identity.
“It all comes down to machine identity management. SSL machine identities authenticate that a website is trusted, enabling secure, encrypted communication with other services. They are issued with a set lifespan; if they are not renewed and are left to expire, the machines can no longer authenticate one another and therefore cut the connection, causing an outage. The challenge for organizations when this happens is that if you do not have control and visibility of all the identities in use across the organization, it can be like finding a needle in a haystack.
“Organizations can have hundreds of thousands of machine identities. Managing them manually is an impossible task – particularly with the growing use of cloud native technologies spurring a rapid escalation in the use of machine identities. Yet by having a control plane to automate the management of machine identities throughout their lifecycle, you can eliminate the risk of outages of this kind.”