Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts tagged with Identity and Authentication Services
Showing posts in English
Bernard Laroche | 03 Nov 2011 | 0 comments

Is your business ready to be blacklisted by search engines or you have the right tools to stay online and trusted?

The only way websites can get off the blacklist and shut down the warnings is to demonstrate that they are malware free. That’s why anti-malware scans and anti-malware seals are so valuable: they offer immediate, demonstrable proof that visitors can trust a website to be free of malware.

Anti-malware scans and seals offer website owners other tangible business benefits, including:

  • uninterrupted search traffic, higher search rankings and more completed transactions
  • improved compliance with commercial and government data security standards
  • significantly decreased chances that search engines will identify the website as malicious
  • much lower likelihood of public exposure, bad press and negative business...
Bernard Laroche | 28 Oct 2011 | 0 comments

With National Cybersecurity Awareness Month winding down, now is a good time to re-emphasize the threat that malicious code (malware) poses. Website owners of all sizes must protect themselves and their customers from these destructive or intrusive programs, which can destroy, compromise or steal sensitive data and inflict terrible financial costs on all victims.

Malware affects individuals and organizations of every size, from one-person operations to the largest global enterprises. But like calculating the distance between stars, the size of the federal budget deficit, or how many calories are in some fast food menu items, it’s hard to imagine how staggeringly large malware numbers are until you really look at them.

For example, Verizon’s 2010 Data Breach Investigations Report...

FranRosch | 26 Oct 2011 | 3 comments

There is a distributed denial of service (DDOS) attack making news this week called THC-SSL-DOS, and it’s stirring up some discussion about the renegotiation feature of SSL. Some are saying this is a flaw in SSL. It is not. SSL renegotiation is a feature; not a flaw to be fixed. The attack is primarily another DDOS attack.

A better user experience

Renegotiation is a feature that makes it possible to adjust the parameters of an SSL handshake without requiring an entirely new SSL session. This allows for an improved user experience, a must have for most Ecommerce, media, cloud providers, and SaaS sites.

Here is just one example: a web user visits a web site that is SSL encrypted. After spending some time shopping on that site anonymously the user decides to purchase or log in. Renegotiation will allow the SSL connection with that site to adjust to authenticate the user without requiring a break in the user experience. This way, all the...

AllenKelly | 06 Oct 2011 | 0 comments

As you may already know, VeriSign Authentication Services became part of Symantec in August of 2010. Since then, we’ve continued to invest in and enhance your SSL Certificates—adding more value and providing even more protection for your business—while still giving online customers the greatest confidence that your website is secure. Since we became part of Symantec we’ve delivered:

  • Express Renewal and AutoRedeem/AutoPay Renewal Services Learn more

  • Vulnerability Assessment Learn more

  • Symantec Certificate Intelligence Center...

AllenKelly | 12 Sep 2011 | 0 comments

Symantec® announced today the availability of Symantec Certificate Intelligence Center for public beta.  Symantec Certificate Intelligence Center helps organizations discover SSL Certificates, regardless of issuing CA, across their entire network, and manage the entire lifecycle of SSL Certificates.  This is an add-on option for existing VeriSign® MPKI for SSL customers.

Symantec created this service after hearing from their enterprise customers on the need for an easy-to-deploy SSL Certificate discovery and management system to help provide inventory visibility, ensure business continuity and increase operational efficiency. Other capabilities in the service include:

  • a distributed architecture to enable parallel and fast discovery scans
  • flexible scanning parameters...
AllenKelly | 08 Sep 2011 | 0 comments

This is the second part of a two-part series on the proper management of SSL Certificates.

In Part I of this series, we discussed some of the risks and implications of poorly managed SSL Certificates.  When SSL Certificates expire or become compromised, the need to rectify the situation quickly is paramount. Take the example of a recent incident where a Certificate Authority (CA) was compromised. Customers of that CA may want to take appropriate actions quickly to minimize any cascading impact from that security breach. Unfortunately, if the customers do not have a robust SSL Certificate Management System, they may not know their level of threat exposure.

Many organizations recognize the risks and implications of out-of-status SSL certificates....

AllenKelly | 01 Sep 2011 | 0 comments

On August 17th eWeek ran an article that described how improper SSL implementations can leave websites vulnerable to various cyber attacks.  While this story is spot-on, what is equally important to consider is the proper management of SSL Certificates. The mismanagement of SSL Certificates can lead to financial loss and lack of credibility for your organization.

One particular challenge that enterprises face can be having hundreds of SSL Certificates and no proper SSL Certificate management tool. The status of each certificate is usually tracked manually on a spreadsheet or through some other manual mechanism.  Manual mechanisms are prone to human error, and what’s more, data is difficult to track when IT personnel changes.  In addition, it isn’t unheard of for an SSL Certificate to expire in the middle of the...