SSL Explained

SSL (Secure Sockets Layer) is a commonly used security protocol that provides supreme privacy when transmitting data over the internet. FTP clients and web shots utilise this protocol to ensure the utmost security during sensitive site browsing activities like eCommerce shopping and online banking. SSL protocol uses symmetric cryptography to perform state-of-the-art data encryption. SSL adds extra security by automatically checking the encrypted messages for integrity before delivering them to the recipient. SSL optimizes CPU resources to facilitate expedited communication, and can be used in conjunction with the following security protocols to increase effectiveness.

TLS Explained

TLS (Transport Layer Security) utilities two main components – TLS Handshake Protocol and TLS Record Protocol. TLS protocol also uses symmetric cryptography, and like SSL checks the messages before the are sent to ensure that they are thoroughly encrypted. TLS differs from SLL because the encrypted massage can only be delivered to a third-party user after two authorized users have received the data. This adds an extra layer of security to the encryption, when used in combination with SSL, this method of encryption provides the highest level of security available to the public.

SSH Explained

SSH (Secure Shell) provides encrypted channels through which encrypted data can travel. Thus, SSH acts more as a medium for the aforementioned encryption methods than as an actual encrypting mechanism, hence the term “shell.” SSH is commonly used to send commands to a computer from a remote location. Although SSH is not the strongest encryption method, it is viable method of secure communication, and is frequently used in the web hosting industry as a standalone security precaution with some applications. Standard FTP services do not utilize Ssh technology, however SFTP (Secure File Transfer Protocol) does utilize this technology along with the other two aforementioned security protocols.

Conclusion

Although all three of these security protocols could be used by themselves with success, most web hosting providers now utilize all three of them simultaneously in one form or another. If you’re serious about keeping your web site data safe form intruders and hackers then you’ll need to pay close attention to the technology used by your web hosting provider, especially if you’re the owner of an eCommerce business. Make sure all of your checkout pages are encrypted and have an SSL certificate. The easiest way to check if a web page is secured is to look at the first letters of the web address. If the web address begins with “HTTPS” then it is secured, however if the web page begins with “HTTP” it is not secured. Never conduct eCommerce on an unsecured web page.

Related posts:

• November 24, 2009 – Securing FTP Connections
• November 30, 2009 – SSL vs. TLS: Which Provides the Best Protection?
• September 1, 2011 – Premium Web Hosting and Security Features Available in the Public Domain
• August 4, 2011 – Secure Shell Security Tips
• July 29, 2011 – Is SSL Essential for eCommerce Sites?
• March 3, 2011 – Three Ways Web Hosting Providers Secure E-Commerce Transactions
• November 26, 2010 – e-Commerce Hosting: What You Need, What You Don’t
• March 11, 2010 – Top 3 Important Aspects of Web Hosting Security
• February 23, 2010 – Selecting a Suitable eCommerce Plan – Key Features
• March 6, 2009 – SSL For Your E-commerce Site

What is an SSL Certificate?

Secure Sockets Layer or SSL, is a security protocol that enables encrypted communications between the customer’s web browser and the server your store is hosted on.  This is accomplished by what is known as a handshake, a process where the server’s identity is confirmed and a secure connection created.  SSL typically offers 128-bit encryption, formulated by an algorithm which generates a key that is virtually impossible to crack.  An SSL certificate shows that your site is secure and safe for shopping.

How to Get a Certificate

SSL certificates are offered by entities known as Certificate Authorities, with the most popular being GoeTrust, Thawte and Verisign.  For the most part, these authorities provide certificates that give you the same level of security.  A single certificate can encrypt the data traveling between the server and each of your customers’ web browsers.  The average online storefront can get adequate protection from a basic SSL certificate.  You also have the option to purchase additional services to strengthen the level of security.

Installing the Certificate

Although many web hosting providers offer SSL certificates as add-on products, you typically have the freedom to incorporate one purchased from a third-party vendor as well.  In most cases, you can learn how your SSL certificate is to be installed via the instructions in the control panel software or by contacting the host’s technical support department.  Some of the most advanced control panels even allow you to incorporate an SSL certificate directly from the interface.  Once installed, the certificate is automatically enabled.  You will know it is activated when noticing “HTTPS” in front your URL rather than “HTTP”.

Designing for SSL

The design of your site is very important when implementing an SSL certificate.  In order for your web pages to be viewed as secure, all scripts, graphics and media elements must be deemed secure as well.  You have probably visited web sites where a warning displays stating that some of the elements of a particular page are not secure.  These messages are prompted when external elements of a web page are not called using the HTTPS protocol.  In many cases, the certificate is valid and secure but the page isn’t designed properly for SSL.  All the external elements of your page must be called using links that include the full URL.  One simple graphic that doesn’t use HTTPS will generate a “not secure” error.

Conscious online shoppers are increasingly looking for SSL certificates and if you don’t have one, you are missing out on a lot of business.  You can have some of the most beneficial products online but if no one feels safe buying them, they will hesitate to proceed with the transaction.

Related posts:

• November 21, 2008 – VeriSign Passes a Tremendous Milestone
• March 11, 2010 – Top 3 Important Aspects of Web Hosting Security
• July 17, 2009 – Securing Your Business Website in Three Easy Steps
• November 28, 2011 – Bit-Defender Internet Security Review
• August 4, 2011 – Secure Shell Security Tips
• July 29, 2011 – Is SSL Essential for eCommerce Sites?
• February 25, 2011 – The Benefits of Using Multiple Domain Hosting for E-Commerce
• October 20, 2010 – Web Hosting Security – Difference Between SSL, TLS and SSH
• February 23, 2010 – Selecting a Suitable eCommerce Plan – Key Features
• November 30, 2009 – SSL vs. TLS: Which Provides the Best Protection?