Tag : SSL

Why You Need to Deploy Encryption and How

encryption

Encryption is the transformation of data from plain text to ciphertext. In other words, basically taking data that is easy to read and placing it into a riddle that has no rhyme or pattern so that only those that know the riddle, can read your data. Still with me?

Encryption alone is not enough to guarantee the safety of your data. An endpoint protection software is necessary to monitor for malware, especially making sure you aren’t hit with ransomware which will most certainly blackmail you for the encryption key, bringing us back to square one. It is known however, that hackers don’t particularly like encrypted data, and are much less likely to continue along once they learn you’ve employed encryption throughout your business.

“The best reason to encrypt your data is that it lowers your value,” said Mike McCamon, President and CMO at SpiderOadk. “Even if [attackers] got in, all the data stored is encrypted. They’d have no way to do anything if they downloaded it.”

Passwords are a great start, but lets take it one step further. If an attacker were to get into your network they most likely can navigate around and find where all your passwords are kept, again back to square one. No point in a password if hackers can find it without breaking a sweat. Password encryption allows you to put an extra layer of protection on your passwords. Any password you use to log in to a portal, will be encrypted as soon as you press Enter. The password will be scrambled and saved on your company’s endpoint in the same matter explained above, a riddle so to speak. The only way to get past the encryption is to have the encryption key.

Protect the house, with database and server encryption. Anyone who can gain access to your network can see information in plain text. If the house of all your data is in plain text, that is a surefire road to disaster.

Secure Sockets Layer (SSL) Encryption  protects the transfer of data from the browser to the website. This will encrypt and protect the data employees and clients exchange via browsers to your company website. This is a safeguard against the interception of information as it is being transferred from the browser to the endpoint. However, once the data has reached your company server the information will be in plain text, and yet another encryption method should be used.

Email identity encryption provides employees with a complex key, known as a Pretty Good Privacy (PGP) key. This key is given to all email recipients, so that if and possibly when one of your clients receives an email without the decryption prompt, such as one claiming to be from your company’s CEO, the client knows to ignore the email.

Device Encryption is critical to the safety of your organisation. Device encryption should be required of all employees. IT management can significantly help in this process, and can also set up mobile device management software for all mobile devices. This will protect your employees and your business from avoidable and preventable vulnerability.

End-to-End and Zero-Knowledge Encryption is the most comprehensive form of encryption. Before your data can reach the end-point it is manipulated, jumbled, bamboozled – including all log ins, device passwords, application information, files. The only way to decipher the code and gain access to the information is with an encryption key that only your IT management company has, along with the software company that works to encrypt the data.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

SSL Shopping?

The Internet and the data provided on the Internet have become a primary source for research, news, and shopping for much of today’s society.  But how much of that data is real and how can you be certain your financial data is transmitted securely.   Identify theft is not only prominent from a personal level; corporate identity theft has now become too common in today’s electronic society.  In regards to Internet communication, a corporation can take steps to ensure their customers they are who they say they are.   Online merchants can also give their customers the peace of mind that their personal data remains just that.  SSL certificates have been around for a number of years, but buying the right one from the right supplier can be frustrating.   The website SSL Shopper (www.sslshopper.com) is a great place to read reviews from many of the popular SSL providers while also providing easy to follow wizards to find the right SSL for you or your business.  Give your customers the peace of mind that comes with providing your services on the Internet, start using an SSL certificate today.

If you have already purchased an SSL certificate but are having problems with the configuration, don’t worry, SSL Shopper has a number of tools to assist.  I spent a number of hours troubleshooting a publicly assigned cert before finding the SSL Verification Utility.

SSL Verification Utility

Trying to resolve an SSL certificate issue?  The SSL Checker utility at SSL Shopper (http://www.sslshopper.com/ssl-certificate-tools.html) is a great utility to identify issues with any internally assigned or public assigned SSL certificate.  It provides a comprehensive look at your SSL cert, providing detailed information including server and server chain information.