Blogs

      • Protect your Business Reputation: Implement Always-On SSL

        Apr 27 2016, 11:59 PM

        by Neel Majumdar 0

        No one can escape the challenges of keeping up with a perpetually evolving cyber security environment, and no one can any longer write off fraud as something that only happens to others. In December 2014 research by TeleSign and RSA, just 11% of US companies said they hadn’t experienced any fraudulent incidents on their ecommerce sites in the past 12 months. Source: Cyber security study conducted by J Gold and Associates, Feb 2, 2015.

        Fraud victims can wave bye-bye to hard-earned bucks. More than one-third of businesses reported losing between 1% and 5% of revenues due to online fraud in the past year. Online businesses don’t just risk losing dollars, though—they can also see the departure of many customers.

        Of course, “fraudulent activity” comprises many risks, and further research highlights the wide range of issues online and mobile retailers must work against. Malware was the biggest issue, on PCs and web browsers as well as mobile devices. E-wallet fraud and app-related risks followed, with account takeovers and password guessing behind. If online businesses don’t better protect themselves from fraudulent activity, not only will they continue to fall victim to such incidents, they risk losing more money and customers as malware, hackers and the like become more advanced.

        I know, it’s easy to read this article and feel overwhelmed, but understand that half of the website security battle is knowledge and learning. The problem is that it is almost impossible to get in front of enough people to scale awareness and education. Once you get in front of people, the next battle is getting them to care. It is often only after someone feels the pain of a compromise that they begin to care or realize the harsh effects.

        A company that is serious about protecting its customers and its business reputation should implement Always-On SSL with SSL certificates from a trusted Certificate Authority. You can find out all about Always-On SSL here. Google now favours websites that implement HTTPS across their entire site. Keep your visitors safe with Always-On SSL and Google will reward you with an SEO ranking boost.

        As if that was not enough, many browsers now trigger security warnings when a user is hopping between secured and unsecured connections. Ensure your customers experience your website as intended with Always-On SSL. SSL and website security is now in the public consciousness, and if you’re not doing your part you could find yourself being publicly shamed on HTTP Shaming, a site set up by software engineer, Tony Webster.

        When it comes to businesses and their websites, good security processes and implementation are all that stand in the way of total ruin: financial and reputational.

        So make sure you’re secure in 2016 with Symantec

      • Important changes to SSL certificates on intranets: what you need to know

        Mar 29 2018, 10:48 PM

        by Elliot Samuels 6

        If you use SSL certificates on intranet sites with internal server names, they may not work from 1 November 2015.

        For companies with complex infrastructures, the change may be challenging but now is the time to start getting ready.

        Local vs. global address

        Imagine you have a server on your network. It may have an IP address that is resolvable on the internet, but it’s more likely to have an address that is only valid on the local network, such as 192.168.1.1. It is also likely to have a domain name that is only resolvable on the local network, such as https://intranet.local or https://mail.

        Certification challenges

        Without unique domain names that can be resolved in the context of the public internet, it is impossible for a Certification Authority to issue a trustworthy certificate.

        After all, such a certificate would work for any server with that name, and that creates a security risk. For this reason, the leading Certification Authorities, including Symantec, that make up the Certification Authority/Browser Forum (CA/B Forum) have decided to cease issuing certificates without a Fully Qualified Domain Name (FQDN).
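
        To find which of your certificates are affected, you can audit their names for internal server names and reserved IP addresses. The following is an added example, not code from the original post or from Symantec; the suffix list and the sample certificate are constructed assumptions, and the input uses the dictionary shape returned by Python's ssl.SSLSocket.getpeercert().

```python
import ipaddress

# Assumption: illustrative suffixes that do not resolve on the public
# internet; extend this tuple for your own environment.
INTERNAL_SUFFIXES = (".local", ".localhost", ".internal", ".lan", ".corp", ".home")

def classify_name(name):
    """Return the reason `name` counts as internal, or None if it looks public."""
    host = name.strip().rstrip(".").lower()
    if host.startswith("*."):          # judge a wildcard by its base name
        host = host[2:]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        # is_global is False for RFC 1918, loopback, link-local and similar ranges
        return None if ip.is_global else "reserved IP address"
    if "." not in host:
        return "unqualified host name"
    if host.endswith(INTERNAL_SUFFIXES):
        return "non-public suffix"
    return None

def audit_cert(cert):
    """Map each internal name in a getpeercert()-style dict to its reason."""
    names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    names += [v for k, v in cert.get("subjectAltName", ()) if k in ("DNS", "IP Address")]
    reasons = {n: classify_name(n) for n in names}
    return {n: r for n, r in reasons.items() if r}

# Constructed sample certificate (names taken from the examples in this post,
# plus one hypothetical public FQDN for contrast).
SAMPLE_CERT = {
    "subject": ((("commonName", "mail"),),),
    "subjectAltName": (
        ("DNS", "mail"),
        ("DNS", "intranet.local"),
        ("DNS", "intranet.example.com"),
        ("IP Address", "192.168.1.1"),
    ),
}

if __name__ == "__main__":
    for name, reason in audit_cert(SAMPLE_CERT).items():
        print(f"{name}: {reason}")
```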

        Reducing your own risk

        Eliminating this risk not only increases the trust in certificates but also reduces the risk of hackers obtaining certificates that validate a copycat internal address.

        Currently cyber criminals are using compromised certificates to impersonate internal servers by either hacking into the corporate network, or by intercepting an intranet access request on a work device using public Wi-Fi. This in turn puts confidential company data at a high risk of exposure.

        Alternatives

        The CA/Browser Forum recommends the following possible alternatives:

        • Use a fully-qualified domain name certificate and DNS domain suffix search
        • Use an enterprise/private CA to issue and trust certificates for non‐unique names
        • Manually provision trust in self‐signed certificates
        • Use Internet Protocol Security (IPsec)

        But whichever route you choose, it’s important to make a plan as soon as possible so that you can continue to offer internal users secure, encrypted and authenticated websites and other services without interruption. If you are interested in a Symantec Private Certification Authority (CA) solution, please let us know or watch our webcast.

        To learn more about this and other changes to the Certification Authority/Browser Forum Baseline Requirements please view this webcast.
