Don’t worry about ciphers… if you’re using TLS 1.3
If you’re in the enviable position to be fully in control of your endpoints, TLS 1.3 is secure by default. The protocol deprecates a lot of technologies supported in earlier protocols solely for backwards compatibility. Additionally, in earlier versions of TLS, your cipher list must have been carefully curated in order to support perfect forward secrecy (PFS). No longer! TLS 1.3 only supports ciphers which offer PFS. This cipher property is advantageous as it protects against even the later compromise of a server’s private key.
Think bigger… for your RSA private key size
Adoption of ECDH keys are on the rise, but at least as of the time of this writing, RSA is still king. The NIST posits that RSA key sizes of 2048 bits will be reasonably secure up until or thereabouts the year 2030. Now is the time to bite the bullet and adjust your mental defaults. 4096 bit RSA keys are not meaningfully slower, and advances in mobile computing has drastically reduced the increased battery usage once needed to make use of these longer keys.
Take advantage of DNS CAA
Does your domain have a DNS CAA record? If not, it should. CAA allows an administrator to specify in a DNS TXT record a list of registrars allowed to issue certificates for a given domain. While at the time DNS CAA was first on the scene adoption by issuers was spotty at best, you would be hard pressed to find a CA in 2022 who does not respect a DNS CAA announcement. CAA protects both against an external party being able to get a certificate issued from any arbitrary CA thru strategies such as document forgery, and the second is that of someone inside your own organization whose actions were not blessed by IT! Bonus points if you regularly comb certificate transparency logs for anything not matching your CAA policy.
Automate certificate renewals
Long gone are the days of being able to renew SSL/TLS certificates every 3 years and praying that you’ll be working somewhere else by then. More frequent renewal requirements for SSL/TLS certificates provides a lot of business benefits. Infrequent manual processes are the source of many availability risks, and as key staff turnover can cause expensive downtime for your business. Automating certificate renewals is an upfront investment in availability. Many certificate providers support the ACME (Automated Certificate Management Environment) protocol, which provides a programmatic interface for automating certificate rollover. Now that support is widespread, it is very likely that you can continue to use your favorite CAs along with the value add their support and ecosystem provides. Comodo (Sectigo), Geotrust, Digicert, Thawte all support ACME.
Invest in a Certificate Transparency Log Monitoring Service
Though it took a long time to get here, Certificate Transparency benefits from widespread adoption. A myriad of services exists for keeping an eye on certificate transparency logs in order to see what has been issued for domains in your control. If a targeted attacker successfully impersonates your organization, time is off the essence. Being able to get ahead of it and either locally blacklist or contact the offending CA to request revocation can prevent disaster.
Eliminate Legacy Clients
Wherever possible, eliminate older clients which do not support modern cryptographic protocols. Every year that passes includes an uptick in malicious activity which can upend or bankrupt your business. It is no longer an acceptable risk for most businesses to have things like old and insecure timeclocks cordoned off on its own VLAN. Practicing defense-in-depth is more important than ever.