Protect the Entire Online User Experience with Always On SSL

All legacy Symantec account portals have moved to CertCentral. Log in below if you’ve already activated your CertCentral account. If not, contact our sales or support teams here. They will send you an email with a unique link to access your account. Login

SECURITY TOPICS

Protect the Entire Online User Experience with
Always On SSL

Always On SSL is a fundamental, cost-effective security measure for websites that helps protect the entire user experience from start to finish, making it safer to search, share, and shop online.

Trust is the Foundation of the Internet Economy

To ensure that trust, you need end-to-end security that can help protect every webpage your users visit, not just login pages and shopping carts.

Companies who are serious about protecting their customers and their business reputation will implement Always On SSL with SSL certificates from a trusted Certificate Authority. This basic, easy-to-implement security measure delivers authentication of the identity of the website and encrypts all information shared between the website and a user (including any cookies exchanged), protecting the data from unauthorized viewing, tampering, or use.

The Online Trust Alliance is calling for websites to adopt Always On SSL - some of the world’s most successful websites have successfully implemented it to protect against sidejacking and hacking through threats such as Firesheep and malicious code injection.¹

The Need For Persistent Online Protection

As online attacks become more frequent and easier to execute, organizations around the world are under increasing scrutiny to ensure all online transactions involving confidential data are secure. Here are some of the specific challenges that organizations face today:

Unsecured Wi-Fi and cookies are everywhere: Wi-Fi networks in public locations such as airports and coffee shops are often left open to facilitate use. Tools such as Firesheep have made it easier than ever to eavesdrop on unencrypted HTTP sessions, intercept users’ cookies, and steal the confidential information within the cookies to gain access to web services.

FAQ: Firesheep and Sidejacking Prevention

Government officials and privacy groups are pushing for companies to provide Always On SSL: In response to reports of SSL hacks, legislators have publically called on websites to expedite the transition to Always On SSL.²

A single data breach can ruin your brand: The 2010 Annual Study: U.S. Cost of a Data Breach report, co-sponsored by the Ponemon Institute and DigiCert, found that companies that suffer data breaches paid on average $7.2 million per breach and $214 per compromised data record.3 Lost business due to increased customer turnover accounted for 63 percent of total breach costs, meaning many current and future customers take their business elsewhere after a breach. An unsecured connection between an end user and a website may give a hacker the opening they need to inject malicious code designed to attack that site and its servers – an attack that could result in a data breach.

¹ https://otalliance.org/resources/always-ssl-aossl
² http://news.cnet.com/8301-1009_3-20037253-83.html, Feb 28, 2011
³ 2010 Annual Study: U.S. Cost of a Data Breach, Ponemon Institute, March 2011

Beginner's Guide to SSL/TLS

SSL/TLS Explained

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.

This guide will de-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.

READ BEGINNER'S GUIDE