Video Screencast Help
Website Security Solutions
Showing posts in English
rhoblit | 22 Apr 2013 | 0 comments

The Online Certificate Status Protocol (OCSP) is the protocol used by browsers to obtain the revocation status of a digital certificate attached to a website. Naturally OCSP speed is considered one of the main criteria for quality, as browsers reach out to webservers and confirm that the SSL certificate is valid.

It is the first criteria, but certainly not the only one. Most of the major Certificate Authorities (CAs) measure similarly in OCSP speeds according to reputable third party tests, some trending slightly lower or higher. Mindful investments in infrastructure and architecture keep the speed battle going, and competition is fierce. But there are four aspects to OCSP and the whole SSL certificate verification structure that should be considered, and held equal in importance.

A second factor is reliability. When a Certificate Authority is tricked into issuing a legitimate SSL certificate for third party fraudulent activities, the entire industry can suffer a loss...

Brad | 19 Apr 2013 | 0 comments

The landscape

This year’s Internet Security Threat Report is very sober reading for SMBs. Last year, targeted attacks on small companies (fewer than 2,500 employees) went up 50%. Yes, it's true: Criminals realized that money stolen from the SMB would spend just as nicely as money pulled from a large corporation, and was much easier to acquire. Smaller companies have income in the bank, employee and customer data, and sometimes very valuable intellectual property that they're hoping to make a lot of money with. Yet with all these assets, surveys last year showed that the majority of smaller business owners think they're too small to be targeted by evildoers.

A secondary problem for the SMB situation is the larger enterprise they want to do business with. With inadequate security, the vulnerabilities for an SMB can be points of entry into larger...

Leelin Thye | 17 Apr 2013 | 1 comment

Secure Hash Algorithm 256 (SHA-2 or SHA-256) support on Symantec Code Signing for Individuals and Symantec Code Signing for Organizations is available starting April 1st, 2013 on the following Symantec Code Signing platforms: Microsoft® Authenticode™, Java™, Adobe® Air® and Microsoft® Office Visual Basic® for Applications (VBA). You will be able to select the option for SHA-2 through the ordering pages, reissue process and via the Application Programmatic Interface (API) for QuickOrder, QuickInvite and Reissue.

SHA-2 was published by National Institute of Standards and Technology (NIST) as U.S. Federal Information Processing Standard.

Please note that some older applications and operating systems do not support SHA-2, for example, Windows™ XP Service Pack 2 or lower does not support the use of SHA-2. Java SDK 1.4.2 or higher...

Jimmy Edge | 08 Apr 2013 | 0 comments


More and more business is being conducted on the internet these days, with even the smallest of businesses likely to have some kind of web presence.

The web is a great arena for businesses, especially smaller outfits, to operate in. The costs are low and it’s relatively easy to build up a strong online presence.

But conducting business online does have its dangers, especially given the number of threats posed by cyber criminals these days.

This is most important when it comes to transferring sensitive data across the web. Whether it’s sending contracts or receipts via email, or transferring sensitive financial information, protecting data that is being sent via the web is vital. So, what can you do to protect it?


rhoblit | 05 Apr 2013 | 0 comments

Speed. Availability. Security. Name recognition. These are things everyone cares about, in any online industry. Whether you're selling shoes, running a charity, or operating a multi-national company with global online presence, it matters that your customers feel safe to interact online with you, and that they have a fast, efficient experience at your site to bring them back again.

Speed and availability are becoming two of the biggest challenges for hosting companies and SSL providers alike. Speed of OCSP lookup is important, to keep within acceptable guidelines of page load times. Symantec is constantly looking for ways to improve, and we invest in expanding our infrastructure to enhance speed and reliability. GlobalSign has advertised that they outsourced their OCSP lookup to CloudFlare. Now, there's nothing wrong with a company outsourcing services, if it helps operate more safely and efficiently.

Alas CloudFlare has had some significant recent outages, so...

Jimmy Edge | 27 Mar 2013 | 2 comments

The world of social media has taken off at a breath-taking pace. Yes, it‘s gone ‘viral’ – and yet the current rate of usage may just be the beginning. With millions of people having fought tooth and nail to get their hands on the latest smart phones – just look around at how many are proudly brandishing them in your workplace – the sheer scale of this phenomenon has started to reveal itself.

Everywhere you go, the evidence is increasingly in front of you: people in cafes on their laptops; on trains, using their smartphones; at home, on their PCs/laptops/smartphones; and at work, using everything and anything, both standalone AND connected to the Internet! The upshot is that security is now being compromised as never before.


Jimmy Edge | 21 Mar 2013 | 0 comments

Consumerisation of information technology is forcing IT to take a new look at security. And, if you run a small to mid-sized company, with limited resources, it’s adding pressure.. With social media and BYOD (Bring Your Own Device) changing  the whole working landscape, how do you protect yourself against the ever growing number of security threats – data breaches through the network, data leakage by employees, malware attacks and lost hardware?

Not long ago, no doubt, everything would have seemed that much clear cut to you, with the boundaries between people’s personal and work lives quite distinct. Now, that has all been turned on its head. Those boundaries have been torn down – with the estimated 22.5% of the time that we now spend online (according to social media watchdog Nielsen in ‘State of the Media: The Social Media Report’), putting enormous pressure on security.

You’ve probably all heard the hype that surrounds...

Tom Powledge | 18 Mar 2013 | 1 comment

As I settle into my new role here at Symantec in User Authentication and Website Security Solutions, I am pleased to find myself surrounded by passionate people that really care about security, from the customer experience and confidence out through the security ecosystem to end-user education.
I’m happy to share that Symantec User Authentication has made a leap into the Visionary quadrant of the high profile Gartner 2013 Magic Quadrant for User Authentication.  We are very proud of this recognition!  If you are a Gartner customer and want to read this report you can access it on Gartner’s web site:
These kinds of accolades are gratifying validation of our work.  The report made note of some of our new innovations, which...

Brad | 13 Mar 2013 | 0 comments

March Madness is almost here! I expect there will be the usual social media blitz on team information, player stats, tournament brackets, schedules, and other sites that are set up by good and bad agents alike. We’re going to see ads in sidebars, links on Twitter, and tempting headlines all over the web. If you’ve ever bought anything from an online store selling sports gear or official jerseys or tees, you’re certain to see more than your fair share of these links.

I love college sports, and keep track of my alma mater even though they never do well on the national basketball courts. So I’m somewhat isolated. But if you’re a more rabid fan of a Division 1 university team, there’s a huge opportunity for evildoers to lead you astray. You’re...

Jimmy Edge | 07 Mar 2013 | 0 comments

Online threats have become a fact of life for people who regularly use the internet. However, rather than worrying about it or waiting for potentially important details to be compromised, there a number of key points which you can consider to counter any possible threat.

Pondering the important issues and putting the right structures in place can go a long way towards making sure that you are sufficiently set up to deal with a number of threats.

Cyber criminals are constantly coming up with new and inventive ways to fool us into parting with our cash or handing over our details online.

New web threats

There was a time, not so long ago, when you could spot a malicious website a mile away. Something would always give it away, whether it was a suspicious domain name, strange wording or poor usability.

These days, the cyber criminals have become a lot savvier – and a lot more dangerous. The majority of malicious websites out...