Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts tagged with Identity and Authentication Services
Showing posts in English
Spencer Parkinson | 02 Oct 2013 | 0 comments

Information Security™ magazine and SearchSecurity.com recently announced the winners of its 2013 Reader’s Choice Awards, which were selected based on feedback by customers who were asked to assess products deployed within their organizations. We’re excited to announce that Symantec was honored with eight awards – four Gold, two Silver and two Bronze –demonstrating significant representation across our diverse portfolio of market-leading security solutions.

Included below is a complete list of Symantec’s wins, which will be featured in the October edition of Information Security magazine and are highlighted online at SearchSecurity.com.

The Information Security magazine and SearchSecurity.com 2013 Readers’ Choice Award winners were selected based on extensive, in-depth discussions and...

Jimmy Edge | 16 Sep 2013 | 0 comments

We’ve created this short blog post as a response to a question we received via Twitter @nortonsecured. We were asked about if it was possible to set up and test the Norton Secured Seal in a development environment.

As this was such a great question we wanted to share this information more widely.

Testing the Norton Seal in a development or test environment

Customers can test the Norton Secured Seal in their development environment following these steps:

  • Set up a development environment where the domain name matches their production website that is secured by a Symantec SSL certificate. E.g. If the production website is www.abc.com, the development environment could be test.abc.com
  • Generate the Seal script from Symantec's Seal Install page at ...
Jimmy Edge | 05 Sep 2013 | 0 comments

14717-Symantec-WSTR-header-660x200.jpg

Last year saw a shift in website threats, with more targeted attacks emerging that were aimed at small and medium businesses. While website security should always be at the forefront of any online business, a new Symantec infographic emphasises the importance of paying attention to the findings and enforcing any necessary changes in the online presence of a SME so that they are less likely to become the victim of malicious threats.

The first part of the Infographic takes a look at some of the concerning figures that were seen last year, including the phenomenal 24 million identities that were stolen as a result of one breach of security...

geoffnoakes | 29 Aug 2013 | 0 comments

Facebook announced on July 31st that they have implemented https as default for all of their users. This means that almost all traffic to www.facebook.com and 80% of traffic to m.facebook.com will be using a secure connection. This is both a significant accomplishment for Facebook, who first made the option of using https available two years ago, but it is also great news for their users. When users log into Facebook and see https in the URL, the information they share is encrypted by a Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate. One of the most significant challenges Facebook faced in the implementation of default https was the impact on performance. Moving from http to https is much more complex than it might appear, and it is not simply re-rerouting from http to the https. SSL...

Quentin Liu | 19 Aug 2013 | 0 comments

A few weeks ago at Black Hat 2013 in Las Vegas, there was a particularly interesting presentation entitled, “The Factoring Dead: Preparing for the Cryptopocalypse.” Here at Symantec, we found the topic particularly interesting. Tthe presentation touched on a key topic that we would like to highlight. RSA is a tried and true algorithm and pervasive throughout the ecosystem and there is no reason to mistrust it. This year the industry is moving from RSA 1024-bit certificates to 2048-bits based on NIST recommendations, as the compute power available to bad actors makes a brute force attack on 1024 bit keys increasingly practical. However, what the article mentioned was that recent advances in technology and mathematics have questioned whether this natural balance of bit length versus compute power has a third variable that could make RSA more vulnerable to factoring within 2-5 years. The presenters indicated that the Elliptic-curve cryptography, or the ECC algorithm, is...

Amer Sethi | 15 Aug 2013 | 1 comment

E-commerce is on a massive upward trajectory in the Middle East and North Africa (MENA) region. According to a recent report issued by Visa[1], nowhere else in the world is growing as fast: MENA experienced a 45% increase in 2012, compared to the previous year, with transactions soaring from $10 to $15 billion.[2] The fastest growing markets

For retailers who have tended to ignore or avoid this market, in favour of others that have seemed both more stable and lucrative, those figures are bound to make them think again. This is fertile territory and many of their rivals are now clearly reaping the rewards to be had there. So expect to see competition hotting up!

What are people buying online right now and how can the MENA region overcome some fundamental factors to drive growth even higher? The popular and growing areas for e-commerce right now are banking, paying...

Jeannie Warner | 22 Jul 2013 | 0 comments

Videos are hot these days. People are posting home-made videos of everything from their cats to romantic rants or new songs. Some clever companies are starting to use customer video feedback for social outreach as well, hooking into this new viral craze. Sports fans like me have seen the competitions for the best customer-made commercial on TV, and looked up our favorites on YouTube.  

However, with all these videos being created, it creates a new vector for virii or other malware to be downloaded when people view the clips. It's clear that videos and testimonials are important to the future of marketing and social media, so what remains is a clear need to create, upload, and share videos more securely.

Buzztala, one of Symantec's partners, has created a Social Video Platform to work with businesses that want to let customers upload videos, testimonials, and other social networking content. Buzztala is running SSL on their hosting platform, and adds the...

Andy Horbury | 16 Jul 2013 | 0 comments

I hope you read my last post on the bad advice that some sites give their users. As a follow up, I thought it would be useful to highlight what some of the errors you might see online actually mean, and what is happening in the background to keep you safe and secure.

First of all let me explain what happens with the some of the security warnings you might see in your web browser when an SSL certificate has expired. When you visit a site and initiate a secure session (such as logging into your webmail), the server hosting that site presents your browser with an SSL certificate to verify its identity. This certificate contains different kinds of identity information, including the URL of the website; all of this information has been verified by a third party Certificate Authority (such as Symantec) that your browser trusts. By checking that the address in the certificate matches the address of the website,...

Andy Horbury | 03 Jul 2013 | 0 comments

A friend of mine called me last week (I’m the de facto security/IT guy in my circle of friends) her question was what to do when faced by the message below as it was something she’d not seen before. The warning message as you can see below says that the site may no longer be secure because of an expired SSL certificate.

expired-certificates.jpg

My immediate answer was that under no circumstances should she ever proceed. If in doubt go to another site, visit their bricks and mortar address, try calling or emailing the store. But do not use the website. The answer I got back from my friend was quite surprising……after enquiring what the issue was via Twitter, she was told by a representative of the site “This warning is nothing to worry about”. After sitting down to consider this I realised what horrendous advice this...

Brook R. Chelmo | 28 Jun 2013 | 0 comments

Migrating certificates during a major key size migration can be difficult at best. I’m going to give you some background, share a great video we have produced, as well as share seven steps to aid in this migration.

Background - Key Sizes Change with Time

Since the RSA algorithm was first publically described in 1977 by Ron Rivest, Adi Shamir, and Len Adleman, 17 key sizes have been factored (hacked).  So far the highest key size that was factored was RSA 768-bit in 2009.  As cloud computing grows so does the threat that RSA 1024-bit will be factored as well. 

Industry Response – Bring 1024-bit Certificate to End-of-Life

In order to be proactive, Certification Authorities (CAs) have been tasked to bring these certificates to end-of-life by the end of 2013.  An end date of December 31, 2013 was listed by...