Video Screencast Help
Search Video Help Close Back
to help

Website Security Solutions

Showing posts in English
SSL Accelerators – How SSL Acceleration Can Help Your Business | Symantec
Andy Horbury | 17 Jun 2013 | 0 comments

You know just what a boon SSL can be to your business when it comes to keeping your transactions safe, ensuring that your sensitive information – such as credit card numbers, social security numbers and login credentials – is transmitted securely. Not only is it required by the Payment Card Industry, but it’s good business practice to make sure your customers’ information is safe and secure in transactions with your site. Encryption has an impact on the load time, and a wise site owner will work to find the best possible implementation to minimize the effect.

The impact of SSL in terms of speed and authentication is different from one environment to another. Factors include type and source of content, hardware and software tailored solutions such as outsourced transactions and through-put to traffic, whether and how the admin has preloaded pages. Additionally, with the...

Read more
Client Certificates vs. Server Certificates – What’s the Difference?
Jimmy Edge | 14 Jun 2013 | 0 comments

Mention PKI or ‘Client Certificates’ to many people and it may well conjure up images of businesses busily protecting and completing their customers’ online transactions, yet such certificates are to be found throughout our daily lives, in any number of flavours; when we sign into a VPN; use a bank card at an ATM, or a card to gain access to a building; within Oyster public transport smart cards, used in central London. These digital certificates are even to be found in petrol pumps, the robots on car assembly lines and even in our passports.

In Continental Europe and many so-called ‘emerging countries’, the use of client certificates  is particularly widespread, with governments issuing ID cards that have multiple uses, such as to pay local taxes, electricity bills and for drivers’ licenses. And the reason to see why is simple – client...

Read more
E-Commerce sales to top $1.29 trillion: Is your small business website protected?
Tom Powledge | 10 Jun 2013 | 0 comments

Here’s a number worth thinking about: According to estimates by research firm eMarketer, Inc., global e-commerce sales are expected to grow 18.3 percent to $1.298 trillion this year (Source: eMarketer, Jan 2013). So, what does this mean for you?

Every business, no matter the size, has an opportunity when it comes to e-commerce – it’s not just large retailers, though they do account for the biggest slice of the gigantic pie. As a small business you need to use the Web to attract, find, communicate, service and sell to your customers. It’s a cornerstone of staying competitive and essential if you’re keen to grow.

It may seem simple to open an e-commerce business or add e-commerce to your website. But, many business owners rush in and don’t take the time to lay the proper groundwork before they go live. It takes more than...

Read more
Symantec Achieves High Honors in Keeping the Internet Safe
Tom Powledge | 05 Jun 2013 | 0 comments

The Online Trust Alliance (OTA) has news today, June 5. The OTA conducts an annual audit of a range of businesses, government agencies, and vendors. This audit looks at how each organization deals with the key points of importance to the OTA; domain, brand and consumer protection; site, server, and infrastructure security (including SSL certificate implementation); data protection, privacy, and transparency. They look at over 750 websites, including the 2013 Internet Retailer Top 500, leading financial institutions (certified FDIC), social networking sites, and OTA member companies like Symantec. The public can go to the OTA's website, look at their criteria, and see who the OTA recommends for practicing safe online activity in their Honor Roll.

Inclusion isn't guaranteed, even for partner Certificate Authorities. Symantec Website Security Solutions works with...

Read more
Web Security: Everything you Need to Know to Stay Safe
Andy Horbury | 30 May 2013 | 0 comments

Tightly targeted cyber-espionage attacks designed to steal intellectual property are hitting the manufacturing sector and small businesses with ever greater venom, with the latter, highly vulnerable, organisations the target of 31% of such attacks – a threefold increase on 2011.

Meanwhile, targeted attacks overall have seen a massive 42% surge during 2012, compared to the previous year.

These are just some of the worrying statistics revealed by Symantec in its forthcoming ‘Website Security Threat Report’.

Why small businesses? Because they are seen as the path of least resistance. Cybercriminals are enticed by their bank account information, customer data and intellectual property – and the often inadequate security practices and infrastructure.

However, the wider reality is that no one is safe. “If you think someone is violating your privacy online, you are probably right,” warns the report.

Some 50%...

Read more
Sidejacking, Firesheep, and AOSSL
Brad | 29 May 2013 | 0 comments

HTTP session hijacking, better known as “sidejacking”, poses a major threat to all internet users. This is due to the common use of Wi-Fi networks, which are inherently unsecure, but also because of the wide-spread misplaced trust in the safety of internet use on phones and perceived secure connections. It has been demonstrated that wired networks are also not necessarily safe from sidejacking attempts and even your interactions in an App store can be at risk as well.

If you are logging into Facebook using the open Wi-Fi network at your local watering hole, an individual with a simple tool such as Firesheep can gain access to your account, change your password, and then potentially take advantage of other programs linked to that account. These sidejacking attacks can be done without any programming knowledge and the problem isn’t simply limited to the unencrypted Wi-Fi networks we are...

Read more
It's National Cyber Security Awareness Week - here are a few tips
Belinda Charleson | 22 May 2013 | 1 comment

It’s time to stop and take a moment to consider cyber security, says the Australian Government. Once a year, the government gets together in partnerships with industry, the community, and consumer organisations to help make people aware of basic steps they can and should do to protect their personal and financial information.

This year’s theme on their Website is “Our Shared Responsibility”. I encourage you all to go out and look at their website, where they help distill a lot of activities down to the basic 10. (With commentary by me.)

  1. Install and update your security software and set it to scan regularly. If you’re broke, there are free A/V options from Microsoft, AVG, and Avast. Install one of these at minimum! Then as soon as you can, upgrade to a top-rated A/V like Norton.
  2. Turn on automatic updates on...
Read more
A solid foundation for public sector security.
Andy Horbury | 20 May 2013 | 0 comments

The public sector has a somewhat mixed record when it comes to staving off security breaches within its walls. In the UK, for example, the hugely embarrassing data losses at HMRC (Inland Revenue/Taxation services) – when the personal details of 25 million people were heavily compromised, due to what were described as "serious institutional deficiencies" – still linger in the mind a few years down the line.

On the plus side, the UK government has been heavily engaged in getting its own house in order, identifying information security as a key priority for 2013 and beyond. In recent months, new initiatives to address growing cyber security threats have been announced, with a cyber security ‘fusion cell’ established for cross-sector threat information sharing. The intention is to put government, industry and information security analysts side-by-side for the first time. The analysts will be joined by members of intelligence agencies,...

Read more
How secure is your website?
Andy Horbury | 15 May 2013 | 0 comments

Nearly a quarter of IT managers don’t know how secure their website is.

2011’s security breach at Sony’s PlayStation Network, thought to be the largest data security leakage ever, was so damaging its effects are still being felt today. After an infection of 10 of its servers, over 75 million global customer account details were stolen. Questions were raised in parliaments worldwide, lawsuits were launched and user access to games was blocked for over a month.

This was a very significant and public security failing and resultant loss of trust, but according to the results of a new survey, similar vulnerabilities could exist right across the web. The problem is that most companies just don’t know.

In Symantec Website Solution’s vulnerability gap white paper we...

Read more
What you need to know to migrate from 1024-bit to 2048-bit encryption
Andy Horbury | 13 May 2013 | 0 comments

I hope by now that you are aware that the Certificate Authority/Browser Forum has mandated that Certificate Authorities stop supporting 1024-bit key length RSA certificates for both SSL and code signing by the end of this year (2013). To learn more about these changes please read the CA/Browser Forum’s paper on the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates

What do you need to do?

Any Symantec customers with certificates expiring this year (2013) will need to renew by generating a Certificate Signing Request (CSR) of 2048 bits or higher. Any Symantec customers with certificates expiring in 2014 or later will need to replace and upgrade all 1024-bit certificates with 2048-bit RSA/DSA or 256-bit ECC certificates by 1st October 2013. All existing 1024-bit certificates will be discontinued...

Read more