Trust is the foundation of the Internet economy.To ensure that trust, you need end-to-end security that can help protect every Web page your users visit, not just login pages and shopping carts.
Always On SSL is a fundamental, cost-effective security measure for websites that helps protect the entire user experience from start to finish, making it safer to search, share, and shop online.
Companies who are serious about protecting their customers and their business reputation will implement Always On SSL with SSL certificates from a trusted Certificate Authority. This basic, easy-to-implement security measure delivers authentication of the identity of the website and encrypts all information shared between the website and a user (including any cookies exchanged), protecting the data from unauthorized viewing, tampering or use.
The Online Trust Alliance is calling for websites to adopt Always On SSL and some of the world’s most successful websites have successfully implemented it to protect against sidejacking and hacking through threats such as Firesheep, malicious code injection, and malvertising.1
The Need for Persistent Online ProtectionAs online attacks become more frequent and easier to execute, organizations around the world are under increasing scrutiny to ensure all online transactions involving confidential data are secure. Here are some of the specific challenges that organizations face today:
- Unsecured WiFi and cookies are everywhere: Wi-Fi networks in public locations such as airports and coffee shops are often left open to facilitate use. Tools such as Firesheep have made it easier than ever to eavesdrop on unencrypted HTTP sessions, intercept users’ cookies and steal the confidential information within the cookies to gain access to web services.
- Malvertising can happen to anyone: Websites depend on the trust visitors put in their links and banner advertisements. Cybercriminals take advantage of this by injecting malicious advertisements that can download malware to the computers of unsuspecting users or lead them to fraudulent sites.
- Government officials and privacy groups are pushing for companies to provide Always On SSL: In response to reports of SSL hacks, legislators have publically called on websites to expedite the transition to Always On SSL.2
- A single data breach can ruin your brand: The 2010 Annual Study: U.S. Cost of a Data Breach report, co-sponsored by the Ponemon Institute and Symantec, found that companies that suffer data breaches paid on average $7.2 million per breach and $214 per compromised data record.3 Lost business due to increased customer turnover accounted for 63 percent of total breach costs, meaning many current and future customers take their business elsewhere after a breach. An unsecured connection between an end user and a website may give a hacker the opening they need to inject malicious code designed to attack that site and its servers – an attack that could result in a data breach.