Website Security

Hirearinger.com SSL

Protecting your clients and yourself is one of the most important things you can do as a website owner. You need to be protected now more than ever with the large amounts of data theft, information tracking, and other mischievous uses of your data.

Recently S.J.Res.34 was nullified by congress. How does this pertain to you? Well, if you use the internet in any capacity than this applies to you. This bill made it, (before nullification), so that it was illegal for ISP to track your data and sell it to advertising companies, or whoever is willing to pay for it. Now that it is gone, they can do just that.

We can still assume that ISPs were collecting data and selling it anyway. So don’t fret just yet. There are many ways you can protect yourself and your data.

If you are on the web these days you can see whether a website is secure. This means the site has an SSL (Secure Sockets Layer) or TLS (Transport Lay Security) in its backend. In its simplest form, the methods mentioned are used to encrypt data from the server that a website lives in, and keep it encrypted till it reaches the user.

This process occurs both ways. If a user fills in form data when on a secure website, the data is encrypted from his computer till it reaches the server where that information is store. This data is encrypted using AES 128 or AES 256. These are common types of encryption, but not the best by far.

But, even with these types of encryption, decrypting this data could be take anywhere from say 13billion year or more. This is assuming a single person is attempting to decrypt the data using a typical CPU and brute force methodology. If a supercomputer is used, this time is reduced to 6 months.

Realistically, that data is safe for now. But in an age where CPU’s computing power doubles every two years, this means is could be broken even sooner. By that time comes, even better types of data encryption will be around.

Currently the general types of SSL certificates are as follows: 1: Self Signed. 2: AutoSSL Domain Verified. 3: Organization Validated. 4: Extended Validation.
If you own a website, the bare minimum you should be using is #2: AutoSSL. Open SSL Is a provider of free SSL encryption keys. They provide this service in the hopes of a more secure and encrypted internet.

Should you not have an SSL, HTTPS on the beginning of a url, you are vulnerable to data theft, and selling of you and your clients data. Protect yourself and your clients, get an SSL.

Some simple steps you can take to be protected are as follows: Talk with a server administrator, and see if they can set up an SSL for you. If they can’t, find a development company that can help you set up encryption to protect your websites data. Or even send letters to your congressman about re-instating S.J.Res.34 (or something similar).


Source: New feed