Trusted security, focused on you.

Vulnerabilities Heartbleed, POODLE, and FREAK have let the world at large know that our communications structures need better protection. There’s never been as much scrutiny of the Secure Socket Layer (SSL) and Transport Security Layer (TLS) protocols as there is today. And while scrutiny is good, it may be warranted elsewhere. Most attention is typically placed on the protocol’s vulnerabilities. But the fact that most organizations don’t realize that is, that it’s their own actions and improper deployment that are proving to be bigger challenges to the state of their security than inherent vulnerabilities in the protocols.

In many companies it seems that certificates are accounted for using some hard-to-maintain manual process, and that security breaches on secure servers are only flagged when there is wide public discovery. Security upgrades don’t seem to occur otherwise. And, we can’t say that system administrators are to blame. SSL/TLS is a deceptively simple technology. It’s not actually as easy to deploy correctly as it seems.

That’s why our SSL experts have put together Entrust’s SSL Best Practices resources, so we can help guide you to safer SSL/TLS deployment and keep you aware of all industry security news and upgrades that are available to you.

How does SSL Work?

You’ve heard of SSL, but do you know how it actually works? If not, we’ve gathered a comprehensive primer on the history of the technology and how it’s used to secure and encrypt online transactions and communication.

Learn More about How SSL Works

Better Browser Trust

SSL/TLS is a powerful technology, but the key to ensuring your site is properly protected is correct deployment. Entrust’s SSL Best Practices guide dives deep into the complexities of SSL and teaches you the common mistakes and best practices that address today’s popular security problems/ concerns.

Access Entrust’s SSL Best Practices Guide Here

SSL Service and Support

If you’re not yet well-versed in SSL or if our documents didn’t cover your specific problem, Entrust has technical support services that can help answer your questions and find what you’re looking for.

Learn More Entrust SSL Service and Support

Extended Validation is the new web standard

Green is good. And EV means green. Today’s web browsers display the corporate name with a green address bar for sites protected by an EV SSL certificate. That’s what makes EV SSL certificates a consumer favorite, they offer reassurance through the green bar and other visual cues in the un-modifiable parts of the browser that the site they are visiting is legitimate.

Learn more about The EV Green Standard

The Importance of Organization Validation

SSL certificate providers employ different methods for verifying the identities of the organization or individual purchasing SSL certificates. Entrust thinks it’s important to understand the difference between verification types.

Learn more about OV vs DV

Protect and authenticate identities in the cloud

The protection and authentication of digital identities is one of the key components in securing online transactions or communications. Entrust is diligent in ensuring we meet or exceed industry requirements for the issuance and management of publicly-trusted certificates. This added level of authentication makes it more difficult for your identity to be misused and your account compromised.

Learn more about Certificate Management Authentication

Elliptic Curve Cryptography (ECC)

Entrust provides innovative organizations the opportunity to deploy digital certificates using advanced ECC technology. Test your applications and services for compatibility with the advanced ECC standard.

Learn more about Entrust Elliptic Curve Cryptography

Migrating to SHA-2

Google is being proactive in strengthening the trust chains of the online community. In September 2014, the company announced that they will sunset SHA-1. This change, however, introduces necessary growing pains for global website operators. As with most aging cryptography, time is the enemy. Advances in computing power overcome cryptographic strength. In this case, SHA-1 has been determined to be weak against collision attacks.

Learn More about SHA-2
Learn How to Migrate to SHA-2

Want more SSL/TLS News Updates and Articles?

Check out our Blog