
How to Start Your Enterprise Post Quantum Cryptography Migration Plan

The best time to think about post-quantum cryptography (PQC) migration was yesterday. The next best time is today. Every day that classical public-key cryptography remains in use is a window for attackers to harvest and store encrypted traffic now, with the intent of decrypting it once a cryptographically relevant quantum computer exists (the "harvest now, decrypt later" threat). 

Recognizing this, Microsoft has introduced early support for the NIST-standardized PQC algorithms ML-KEM (FIPS 203, key encapsulation) and ML-DSA (FIPS 204, digital signatures) in Windows, through updates to the Cryptography API: Next Generation (CNG) and the cryptographic messaging functions. These updates are currently available to Windows Insiders for early testing and development. 

PQC migration sounds daunting, and it is indeed a big change. But it doesn't have to happen overnight. It is a long-term, strategic effort that requires a deep understanding of where cryptography is used within your organization and how to replace it without breaking critical systems. Let's break down a phased, strategic approach to PQC migration. 

Planning your PQC Migration 

Quantum risk isn't a problem of the future. It's a planning failure of the present. Planning begins with gaining visibility into where cryptography is used; by organizing your cryptographic assets, assessing risk, aligning vendors, testing thoroughly, and designing for long-term agility, your organization will be ready for the quantum era.  

Below is a practical roadmap to begin your organization’s PQC journey: 

Establish a Quantum Readiness Program  

Before implementing technical changes, establish a governance framework by setting up a dedicated PQC migration team that includes stakeholders from the business units and technical teams that depend on cryptography (PKI, application, network, cloud, procurement, compliance). This team should own the roadmap, assign responsibilities, monitor progress, and align PQC goals with your organization's long-term strategy. 

Migration to PQC involves multiple internal teams. Before implementation begins, everyone must be on the same page. It’s essential to ensure that all stakeholders understand what PQC is, why it matters, and how it will impact their workflows. This is a small but important step as your team needs to understand both the “why” and the “how”. 

Perform a Cryptographic Discovery 

This step is about knowing exactly where and how cryptography is used across your environment. Many organizations are unaware of all the certificates they use, especially hidden or "shadow" certificates issued outside the PKI team's view. Use automated discovery tools to scan your systems, networks, and cloud environments to locate TLS/SSL certificates, code signing keys, email certificates, and more. This step is crucial because you can't protect or upgrade what you don't know exists. Discovery should include:  

  • TLS/SSL certificates on websites and applications,  
  • Public/private key pairs 
  • VPNs, databases, internal APIs 
  • Code signing, firmware, and secure email 
  • Vendor-supplied applications and IoT devices  

Discovery should cover every layer: on-premises servers, cloud platforms (AWS, Azure, GCP), network appliances (such as load balancers or firewalls), and IoT/embedded systems. 

Automated discovery tools help uncover both managed and unmanaged certificates, offering enterprise-grade capabilities such as agentless and agent-based discovery, real-time certificate tracking, automated expiration alerts, key usage analytics, and API integrations with internal PKI and public CAs. These platforms can scan both on-prem and cloud environments using credentialed access (SSH, WMI, SNMP) and integrations with orchestrators (Ansible, Kubernetes, Terraform) to discover certificates and keys embedded in CI/CD pipelines. Network scanners only find what is exposed on a listening port, so pair them with code, configuration and secrets scanning: SSH host and user keys, token-signing keys, keys baked into container images and firmware, and keys held in HSMs or cloud KMS services all belong in the same inventory.  

Build a Cryptographic Inventory

Once discovery is complete, compile all certificate and key telemetry into a centralized inventory system, preferably integrated with your CMDB and asset management platforms. An up-to-date cryptographic inventory provides a single source of truth for planning your PQC transition. Record for each entry: 

  • Cryptographic attributes: key algorithm and size (RSA-2048, ECDSA P-256), signature hash algorithm 
  • Cryptographic libraries (e.g., OpenSSL, BouncyCastle) and protocols (TLS 1.3/1.2, SSH, IPsec) 
  • Hosting location: internal systems (servers, desktops, databases), network infrastructure (firewalls, VPNs, load balancers) 
  • Infrastructure bindings: Associated domain names, IP addresses, system FQDN, port usage 
  • Ownership and scope: Application owner, business unit, asset criticality 
  • Source CA: Internal (Microsoft ADCS, EJBCA) or third-party (DigiCert) 
  • Dependencies in CI/CD pipelines or firmware updates 

The next step is to convert that raw data into a structured and actionable cryptographic inventory. This inventory forms the backbone of your PQC migration plan and should classify each asset based on the following criteria: 

  • What cryptographic algorithms are used? 
  • Where are the cryptographic algorithms used (by system, app, protocol)? 
  • Which business functions do they protect? 
  • What are the validity periods of the certificates issued by public and private CAs? 
  • What is the lifespan of protected sensitive data? 

For example, customer PII often has a long shelf life, which makes the systems and channels that protect it immediate candidates for PQC. 

Analyze Risk and Prioritize

Now that you have a cryptographic inventory in place, it is time to perform the risk analysis for each asset or service. Evaluate each system for how vulnerable it is to quantum attacks, the sensitivity of the data it protects, and how long that data must remain confidential. Systems handling personal, financial, or national security sensitive data should be prioritized.  

Risk-based prioritization ensures that you migrate critical systems first, not just the ones that are easiest to fix. Use risk assessment frameworks to assign scores (e.g., high, medium, low). Map cryptographic risk to business risk, such as service disruptions, operational downtime, etc. This step ensures your migration plan is focused on what matters most, minimizing potential damage from future quantum threats. 

Use established frameworks to tag each asset with a risk score: NIST SP 800-57 for algorithm security strengths and key lifetimes, ISO/IEC 27005 for the risk-management process, or vendor-provided scoring models. Create heatmaps to visualize PQC impact zones, especially where high-sensitivity data intersects with quantum-vulnerable algorithms. 

Classify data (e.g., PII, PCI) and determine retention needs (e.g., 7–10 years for healthcare records). Assess each algorithm's exposure to quantum attack: RSA, DSA, DH, and ECC (including curves like P-256, whether used for ECDSA or ECDH) are broken by Shor's algorithm and must be replaced. Symmetric ciphers and hashes (AES, SHA-2) are only weakened by Grover's algorithm; AES-256 and SHA-256 remain acceptable, so the review there concerns key and digest sizes rather than replacement.  

At this point, the key question is: which systems, if their traffic or stored data were decrypted tomorrow, would cause the most damage? 

Use the analysis to prioritize a phased migration plan, starting with high-impact or low-complexity assets. 
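The inventory classification and risk scoring described in the two sections above, as an added example that is not part of the original post. The asset records are constructed sample discovery output; the scoring weights, the assumed years until a cryptographically relevant quantum computer (CRQC) and the assumed migration lead time are illustrative parameters to replace with your own. The harvest-now-decrypt-later test is Mosca's inequality (data shelf life plus migration time exceeding the CRQC horizon).

```python
"""Added example, not from the original post: turn cryptographic discovery output
into a prioritised PQC inventory. SAMPLE_ASSETS is constructed sample data; the
scoring weights, CRQC horizon and migration lead time are assumptions."""
from dataclasses import dataclass
from datetime import date

# Public-key families broken outright by Shor's algorithm (must be replaced),
# symmetric primitives only weakened by Grover's algorithm (size review),
# and the NIST PQC standards that need no migration.
SHOR_BROKEN = {"RSA", "DSA", "DH", "ECDSA", "ECDH", "EDDSA"}
GROVER_WEAKENED = {"AES", "SHA-256", "SHA-384", "HMAC"}
PQ_SAFE = {"ML-KEM", "ML-DSA", "SLH-DSA"}

# Data classification weight (assumed scale; align with your own policy).
SENSITIVITY = {"public": 0, "internal": 1, "PCI": 2, "PII": 3, "PHI": 3}


@dataclass
class CryptoAsset:
    name: str             # system, service or certificate CN
    owner: str            # business unit / application owner
    algorithm: str        # e.g. RSA, ECDSA, AES, ML-KEM
    key_bits: int
    protocol: str         # TLS 1.2/1.3, SSH, IPsec, code signing, at-rest
    data_class: str       # public, internal, PCI, PII, PHI
    retention_years: int  # how long the protected data must stay confidential
    cert_expiry: date     # notAfter of the current certificate (or key rotation date)


def quantum_exposure(algorithm: str) -> str:
    """Classify an algorithm as 'shor', 'grover', 'pq-safe' or 'unknown'."""
    alg = algorithm.upper()
    if alg in PQ_SAFE:
        return "pq-safe"
    if alg in SHOR_BROKEN:
        return "shor"
    if alg in GROVER_WEAKENED:
        return "grover"
    return "unknown"


def risk_score(asset: CryptoAsset, today: date,
               crqc_horizon_years: int = 10, migration_years: int = 3) -> int:
    """Score one asset; higher means migrate sooner (weights are assumptions)."""
    exposure = quantum_exposure(asset.algorithm)
    if exposure == "pq-safe":
        return 0
    score = SENSITIVITY.get(asset.data_class, 1) * 10
    if exposure == "shor":
        score += 20
        # Mosca's inequality: if the data must stay secret for longer than the
        # time left until a CRQC arrives (less the time we need to migrate),
        # traffic harvested today will be decrypted while it still matters.
        if asset.retention_years + migration_years > crqc_horizon_years:
            score += 30
    elif exposure == "grover":
        if asset.key_bits < 256:   # AES-128 style keys: plan a size increase
            score += 10
    else:
        score += 15                # unknown algorithm: investigate, do not ignore
    # A certificate that renews within a year can migrate in that change window.
    if (asset.cert_expiry - today).days < 365:
        score += 5
    return score


def prioritise(assets: list, today: date) -> list:
    """Return (name, exposure, score) tuples, highest risk first."""
    rows = [(a.name, quantum_exposure(a.algorithm), risk_score(a, today)) for a in assets]
    return sorted(rows, key=lambda r: (-r[2], r[0]))


# Constructed discovery output, the shape a scanner or CLM export would produce.
SAMPLE_ASSETS = [
    CryptoAsset("patient-portal", "clinical", "RSA", 2048, "TLS 1.2", "PHI", 10, date(2026, 3, 1)),
    CryptoAsset("payments-api", "finance", "ECDSA", 256, "TLS 1.3", "PCI", 7, date(2027, 1, 1)),
    CryptoAsset("marketing-site", "marketing", "RSA", 2048, "TLS 1.3", "public", 0, date(2025, 12, 1)),
    CryptoAsset("backup-encryption", "it-ops", "AES", 128, "at-rest", "internal", 10, date(2030, 1, 1)),
    CryptoAsset("pilot-vpn", "it-ops", "ML-KEM", 768, "IPsec", "internal", 5, date(2026, 6, 1)),
]


def demo(today_iso: str = "2025-09-01") -> list:
    """Prioritise the sample inventory as of the given ISO date."""
    return prioritise(SAMPLE_ASSETS, date.fromisoformat(today_iso))


if __name__ == "__main__":
    for name, exposure, score in demo():
        print(f"{score:3d}  {exposure:8s}  {name}")
```

With the sample data the PHI portal on RSA-2048 with a ten-year retention need scores highest (85), the PCI API on ECDSA next (40), and the ML-KEM pilot scores zero; the AES-128 backup store ranks below the public RSA site because it needs a key-size review rather than a replacement. Tune the weights to your classification scheme, but keep the shelf-life term: it is what separates "vulnerable someday" from "being harvested now".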

Evaluate the Tools and Platform Readiness

Now begin evaluating what tools and algorithms you will need to support migration. This is where Microsoft’s update becomes important. 

“Don’t wait for final standards. Start testing hybrid now.” – NIST PQC Roundtable 

With ML-KEM and ML-DSA now available in Windows Insider builds via CNG, enterprises can begin building and testing post-quantum-ready applications without replatforming. 

  • Test hybrid key exchange (classical ECDH plus ML-KEM) in your Windows environment 
  • Simulate hybrid key establishment that combines an ML-KEM encapsulation with a classical ECDH exchange, so the session stays secure as long as either component holds 

This gives your teams a safe, supported sandbox in which to develop crypto agility, and it aligns with NIST's guidance that early experimentation is key. Check for tools that support hybrid cryptography: hybrid key exchange, and hybrid or composite certificates that carry a classical and a PQC signature together. Both matter for gradual migration. Test how the new algorithms affect performance, bandwidth, and application compatibility, since keys and signatures are much larger: an ML-KEM-768 encapsulation key is 1,184 bytes and an ML-DSA-65 signature is 3,309 bytes, against 64 bytes for an ECDSA P-256 signature. Expect larger handshakes, fragmentation on MTU-constrained links, and middleboxes that reject unfamiliar extensions. 

Build a Migration Roadmap

This is where planning becomes action. After the groundwork is laid, build a step-by-step migration roadmap. This plan should include phases, starting with low-risk systems for testing, then moving to high-priority and public-facing systems. 

Create a timeline for staged PQC implementation and break down the migration into the plan: 

  • Define short-term and long-term goals aligned with risk and criticality. 
  • Define roles, timelines, tools, budget, and success metrics. 
  • Define migration phases, for example: Phase 1 (2025–2026): pilot deployments in non-production or sandboxed environments. Phase 2 (2026–2029): migrate high-risk, internet-facing services and APIs. Phase 3 (2029–2035): complete the transition for remaining high-priority systems and organization-wide. 
  • Decommission legacy crypto and shift to pure PQC where feasible. 

It should assign owners, set timelines, and define fallback options in case things go wrong. A roadmap ensures the transition is organized, trackable, and accountable across the enterprise. Sequence your rollout with risk-aligned prioritization, fallback plans, and vendor integrations.  

Pilot Deployment and Gradual Rollout

Before deploying at scale, conduct pilot tests using hybrid certificates and PQC-enabled protocols, such as TLS with a hybrid ML-KEM key exchange (ML-KEM is the standardized form of Kyber). PQC migration will expose unknown breakpoints. Controlled pilots allow you to identify and fix issues without impacting production. 

Evaluate how your applications handle larger key sizes and new certificate formats. Roll out gradually: start internally, then expand to external services. This phased approach helps identify issues early and prevents major disruptions in live environments. Launch PQC pilots by: 

  • Enabling hybrid TLS key exchange (for example X25519 combined with ML-KEM-768) on pilot endpoints, and issuing hybrid or composite certificates (classical plus ML-DSA signatures) from an ACME-compatible internal CA where it supports them 
  • Updating TLS endpoints to support PQC negotiation (Apache, NGINX, Envoy, IIS) 
  • Testing OCSP, CRL, and SCT response flows under hybrid signing 
  • Benchmarking PKI workloads: CSR issuance, key generation, signing, revocation 
  • Measuring performance impact on servers and clients (handshake latency, bytes per handshake, CPU) 

Once pilots are successful, roll out to production gradually. Start with internal services, then customer-facing apps, while monitoring compatibility with legacy systems and clients. 

Monitor and Manage your Cryptographic Posture

Once deployed, PQC isn't "set and forget"; continuous monitoring and adaptation are essential from the moment migration begins. Use dashboards and alerts to track certificate expirations, detect use of outdated algorithms, and flag failed crypto operations.  

Set alerts for: 

  • Expiring PQC or hybrid certs 
  • New RSA/ECC certs appearing post-migration 
  • Validation errors in legacy clients 
  • TLS negotiation failures on hybrid endpoints 

Post-deployment, feed this data into your SIEM dashboards (e.g., Splunk) alongside crypto logs and CLM solutions that auto-discover certificates and detect drift. 
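The four alert conditions listed above, run over sample log lines, as an added example that is not part of the original post. The log lines, their key=value layout, the event names and the list of already-migrated hosts are all constructed for the example; adapt the parser to whatever your CLM platform or TLS terminator actually emits.

```python
"""Added example, not from the original post: cryptographic drift and failure
detection over event logs. SAMPLE_LOG, its key=value format, the event names and
MIGRATED_HOSTS are constructed for this example."""
from datetime import date

CLASSICAL_SIG = {"RSA", "ECDSA", "DSA", "ED25519"}
PQ_SIG_PREFIXES = ("ML-DSA", "SLH-DSA")

# Hosts whose certificates have already been moved to PQ/hybrid signing: a new
# classical certificate appearing here is regression, not business as usual.
MIGRATED_HOSTS = {"portal.example", "api.internal.example"}

# Constructed sample: certificate issuance, TLS handshake and validation events.
SAMPLE_LOG = """\
2025-09-01T10:00:01Z event=cert_issued cn=api.internal.example alg=RSA bits=2048 not_after=2026-09-01 ca=internal-ca
2025-09-01T10:00:05Z event=cert_issued cn=portal.example alg=ML-DSA-65 not_after=2025-09-20 ca=internal-ca
2025-09-01T10:01:00Z event=tls_handshake host=portal.example group=X25519MLKEM768 result=ok client=curl/8.8
2025-09-01T10:01:02Z event=tls_handshake host=portal.example group=X25519MLKEM768 result=fail reason=unsupported_group client=legacy-agent/2.1
2025-09-01T10:02:00Z event=cert_validate cn=portal.example result=fail reason=unknown_signature_algorithm client=legacy-agent/2.1
2025-09-01T10:03:00Z event=cert_issued cn=vpn.example alg=ECDSA bits=256 not_after=2026-01-01 ca=DigiCert
"""


def parse_line(line: str) -> dict:
    """'<timestamp> k=v k=v ...' -> dict; the timestamp lands under 'ts'."""
    ts, _, rest = line.partition(" ")
    fields = {"ts": ts}
    for token in rest.split():
        key, _, value = token.partition("=")
        fields[key] = value
    return fields


def evaluate(log_text: str, today: date, migrated_hosts: set,
             expiry_window_days: int = 30) -> list:
    """Return alerts as (kind, subject, detail) tuples in log order."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        kind = ev.get("event")
        if kind == "cert_issued":
            alg = ev["alg"].upper()
            # Drift: a classical certificate issued for a host already migrated.
            if alg in CLASSICAL_SIG and ev["cn"] in migrated_hosts:
                alerts.append(("classical_cert_after_migration", ev["cn"],
                               f'{ev["alg"]}-{ev["bits"]} from {ev["ca"]}'))
            # Expiry: PQ/hybrid certificates are new enough that renewal
            # automation may not cover them yet, so watch them explicitly.
            if alg.startswith(PQ_SIG_PREFIXES):
                days_left = (date.fromisoformat(ev["not_after"]) - today).days
                if days_left <= expiry_window_days:
                    alerts.append(("pq_cert_expiring", ev["cn"], f"{days_left} days left"))
        elif kind == "tls_handshake" and ev.get("result") == "fail":
            # Only hybrid groups are interesting here; classical failures have
            # their own existing alerting.
            if "MLKEM" in ev.get("group", "").upper():
                alerts.append(("hybrid_negotiation_failure", ev["host"],
                               f'{ev.get("reason")} client={ev.get("client")}'))
        elif kind == "cert_validate" and ev.get("result") == "fail":
            alerts.append(("legacy_validation_error", ev["cn"],
                           f'{ev.get("reason")} client={ev.get("client")}'))
    return alerts


def demo(today_iso: str = "2025-09-01") -> list:
    """Evaluate the constructed sample log as of the given ISO date."""
    return evaluate(SAMPLE_LOG, date.fromisoformat(today_iso), MIGRATED_HOSTS)


if __name__ == "__main__":
    for kind, subject, detail in demo():
        print(f"{kind:32s} {subject:22s} {detail}")
```

On the sample log this raises four alerts: the RSA certificate reissued for an already-migrated host, the ML-DSA certificate with 19 days left, the hybrid-group handshake failure and the validation failure from the legacy agent. The ECDSA certificate for vpn.example raises nothing because that host is not yet in the migrated set; once it is, the same rule catches any regression. The client identifier in the detail field is what tells you whether a failure is one outdated agent or a fleet-wide incompatibility.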

Build Cryptographic Agility for the Future

Post-quantum migration is not the end, it’s a step toward agility. Crypto agility ensures you’re never locked into a broken algorithm again. Design your systems to easily swap algorithms using modular libraries or plug-in architecture.  

Continuously monitor PQC performance, compatibility, and emerging algorithmic updates. Crypto-agile systems should: 

  • Swap algorithms easily as standards evolve, without changes to application code 
  • Offer one-click certificate operations such as renewal, migration, ownership transfer, and revocation 
  • Support one-click public CA migration 
  • Keep the organization's internal policies and standards updated in response to NIST and industry guidance 

Use Certificate Lifecycle Management (CLM) platforms that support multiple cryptographic standards and automate renewal and rotation. 
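The "swap algorithms without touching callers" property described in this section, as an added example that is not part of the original post. Python's standard library has no ML-DSA, so HMAC constructions stand in for the signature algorithms; the registry, the split between the algorithm you issue with and the algorithms you still accept, and the binding of the algorithm name into the authenticated data are exactly the shape you want for an ECDSA-to-ML-DSA (or composite) rotation. The algorithm names, keys and policy stages are constructed for the example.

```python
"""Added example, not from the original post: an algorithm registry plus an
issue/accept policy that rotates algorithms without touching callers. HMAC
stands in for signature algorithms; names, keys and stages are constructed."""
import base64
import hashlib
import hmac
from dataclasses import dataclass

# Registry: one entry per algorithm. Adding a new (e.g. post-quantum) option
# is a registry change, not a change in every caller.
REGISTRY = {
    "HS256": hashlib.sha256,
    "HS3-256": hashlib.sha3_256,
}


@dataclass(frozen=True)
class Policy:
    sign_with: str      # the algorithm new tokens are issued with
    accept: frozenset   # algorithms still valid for verification during rotation


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _tag(alg: str, key: bytes, payload: bytes) -> bytes:
    # The algorithm name is bound into the MAC input, so a tag computed under
    # one algorithm cannot be relabelled as another ("alg confusion").
    return hmac.new(key, alg.encode() + b"\x00" + payload, REGISTRY[alg]).digest()


def sign(policy: Policy, keys: dict, payload: bytes) -> str:
    """Issue '<alg>.<payload>.<tag>' under the policy's current algorithm."""
    alg = policy.sign_with
    if alg not in REGISTRY or alg not in keys:
        raise ValueError(f"algorithm {alg} not available")
    return ".".join([alg, _b64(payload), _b64(_tag(alg, keys[alg], payload))])


def verify(policy: Policy, keys: dict, token: str) -> bytes:
    """Return the payload if the tag is valid under a still-accepted algorithm."""
    alg, payload_b64, tag_b64 = token.split(".")
    if alg not in policy.accept:   # deprecated algorithm: reject even a valid tag
        raise ValueError(f"algorithm {alg} no longer accepted")
    payload = _unb64(payload_b64)
    expected = _tag(alg, keys[alg], payload)
    if not hmac.compare_digest(expected, _unb64(tag_b64)):
        raise ValueError("bad tag")
    return payload


# Per-algorithm keys: changing algorithm also rotates key material (sample keys).
KEYS = {"HS256": b"k" * 32, "HS3-256": b"q" * 32}

# Rotation stages: issue with HS256; then issue with HS3-256 while still accepting
# HS256 so outstanding tokens drain; finally drop HS256 altogether.
STAGE_1 = Policy("HS256", frozenset({"HS256"}))
STAGE_2 = Policy("HS3-256", frozenset({"HS256", "HS3-256"}))
STAGE_3 = Policy("HS3-256", frozenset({"HS3-256"}))


def rotation_demo() -> dict:
    """Walk a token issued under stage 1 through the later policy stages."""
    old = sign(STAGE_1, KEYS, b"session=42")
    new = sign(STAGE_2, KEYS, b"session=43")
    outcome = {
        "old_under_stage2": verify(STAGE_2, KEYS, old) == b"session=42",
        "new_alg": new.split(".")[0],
    }
    try:
        verify(STAGE_3, KEYS, old)
        outcome["old_under_stage3"] = "accepted"
    except ValueError as err:
        outcome["old_under_stage3"] = str(err)
    return outcome


if __name__ == "__main__":
    print(rotation_demo())
```

The point is the `Policy` object: deprecating an algorithm is a policy edit that takes effect on the next verification, and a token whose header names an algorithm outside the accepted set is refused before any cryptography runs. Relabelling a token's algorithm fails because the name is part of the authenticated input, which is the same check that defends composite PQC signatures against one component being silently stripped.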

PQC Advisory Services

Prepare for the quantum era with our tailored post-quantum cryptography advisory services!

Key Use Cases you can Start Testing Today  

Microsoft is enabling PQC experimentation in critical cryptographic functions, such as: 

  1. ML-KEM for key exchange: Ideal for testing PQ-safe alternatives to RSA and ECDH key establishment. Use it in key encapsulation scenarios and in hybrid exchanges (ML-KEM combined with ECDH or RSA) for added resilience. 
  2. ML-DSA for digital signatures: Use this to explore post-quantum identity and integrity validation. ML-DSA can be used alongside existing algorithms like ECDSA or RSA in composite mode, offering transitional compatibility. 
  3. Certificate store integration: With PQC now added to wincrypt (the certificate API layer), organizations can: 
  • Import/export ML-DSA-based certificates. 
  • Validate PQC certificate chains. 
  • Experiment with real PQ trust chain workflows using the familiar Windows certificate store. 

These changes provide hands-on testing opportunities within enterprise-grade systems, allowing you to evaluate PQC readiness without needing to overhaul your infrastructure right away. 

Microsoft’s support allows you to build crypto agility, evaluate performance impacts, and understand deployment nuances before PQC becomes mandatory. 

Executing migration plan on your environment 

Migrating to Post-Quantum Cryptography (PQC) varies depending on whether your environment is on-premises, cloud-based, or hybrid. Each has different architectural complexities, levels of control, and dependencies, which affect how you discover, manage, and replace quantum-vulnerable cryptography. In every environment, however, use hybrid cryptography (PQC + classical) wherever possible to preserve backward compatibility and to keep a classical fallback while the PQC implementations mature. 

Let’s understand an overview of how migration for PQC varies for different environments: 

  1. On-prem environment 
  • Use agent-based or network scanning tools to identify certificates, algorithms, and keys across endpoints, servers, applications, and devices. 
  • Centralize and categorize your cryptographic assets (PKI, SSL/TLS certs, signing keys). 
  • Upgrade libraries such as Microsoft CNG and OpenSSL to versions that support PQC algorithms. 
  • Ensure hardware security modules and internal certificate authorities support hybrid or PQ-safe algorithms. 
  2. Cloud environment 
  • Use cloud-native tools and APIs to list keys, certificates, and services that use RSA, ECC, etc. 
  • Map services and data stores that rely on vulnerable crypto (e.g., encrypted S3 buckets, cloud databases, IAM tokens). 
  • Engage cloud providers to get their PQC timelines for supporting ML-KEM, ML-DSA, etc. 
  • Begin testing PQC with supported APIs (e.g., Microsoft's PQC support in Windows Insider builds, AWS's published PQC roadmap). 
  3. Hybrid environment (on-prem + cloud) 
  • Use platform-agnostic tools that can scan both environments. 
  • Maintain a centralized view of all crypto assets, servers, applications, and devices.  
  • Prioritize systems with long-term confidentiality needs (e.g., health records, banking apps). 

How can EC help? 

  • Validation of Scope and Approach: We assess your organization’s current encryption environment and validate the scope of your PQC implementation to ensure alignment with industry best practices. 
  • PQC Program Framework Development: Our team designs a tailored PQC framework, including projections for external consultants and internal resources needed for a successful migration. 
  • Comprehensive Assessment: We conduct in-depth evaluations of your on-premises, cloud, and SaaS environments, identifying vulnerabilities and providing strategic recommendations to mitigate quantum risks. 
  • Implementation Support: From program management estimates to internal team training, we provide the expertise needed to ensure a smooth and efficient transition to quantum-resistant algorithms. 
  • Compliance and Post-Implementation Validation: We help organizations align their PQC adoption with emerging regulatory standards and conduct rigorous post-deployment validation to confirm the effectiveness of the implementation. 

Conclusion 

Migrating to Post-Quantum Cryptography is not just a security upgrade, it’s a foundational transformation in how organizations protect sensitive data. 

The transition to PQC is a complex, long-term effort that spans cryptographic discovery, vendor collaboration, testing hybrid approaches, updating PKI, and integrating new cryptographic standards across infrastructure. But it doesn’t need to happen all at once. A phased, well-planned migration, starting today, will help organizations build crypto-agility, minimize disruptions, and maintain digital trust throughout the transition. 

This is not just a forward-looking upgrade. It is a present-day mitigation against future decryption. Organizations must take a proactive stance, assess their cryptographic exposure now, and start integrating PQC transition plans, before it’s too late. 
