SECURITY TOPICS

Protect the Entire Online User Experience with
Always On SSL

Always On SSL is a fundamental, cost-effective security measure for websites that helps protect the entire user experience from start to finish, making it safer to search, share, and shop online.

Trust is the Foundation of the Internet Economy

To ensure that trust, you need end-to-end security that can help protect every webpage your users visit, not just login pages and shopping carts.

 

Companies who are serious about protecting their customers and their business reputation will implement Always On SSL with SSL certificates from a trusted Certificate Authority. This basic, easy-to-implement security measure delivers authentication of the identity of the website and encrypts all information shared between the website and a user (including any cookies exchanged), protecting the data from unauthorized viewing, tampering, or use.

 

The Online Trust Alliance is calling for websites to adopt Always On SSL - some of the world’s most successful websites have successfully implemented it to protect against sidejacking and hacking through threats such as Firesheep and malicious code injection.1

Always On SSL

The Need For Persistent Online Protection

As online attacks become more frequent and easier to execute, organizations around the world are under increasing scrutiny to ensure all online transactions involving confidential data are secure. Here are some of the specific challenges that organizations face today:

Unsecured Wi-Fi and cookies are everywhere: Wi-Fi networks in public locations such as airports and coffee shops are often left open to facilitate use. Tools such as Firesheep have made it easier than ever to eavesdrop on unencrypted HTTP sessions, intercept users’ cookies, and steal the confidential information within the cookies to gain access to web services.

FAQ: Firesheep and Sidejacking Prevention

Government officials and privacy groups are pushing for companies to provide Always On SSL: In response to reports of SSL hacks, legislators have publically called on websites to expedite the transition to Always On SSL.2

A single data breach can ruin your brand: The 2010 Annual Study: U.S. Cost of a Data Breach report, co-sponsored by the Ponemon Institute and Symantec, found that companies that suffer data breaches paid on average $7.2 million per breach and $214 per compromised data record.3 Lost business due to increased customer turnover accounted for 63 percent of total breach costs, meaning many current and future customers take their business elsewhere after a breach. An unsecured connection between an end user and a website may give a hacker the opening they need to inject malicious code designed to attack that site and its servers – an attack that could result in a data breach.

1 https://otalliance.org/resources/always-ssl-aossl
2 http://news.cnet.com/8301-1009_3-20037253-83.html, Feb 28, 2011
3 2010 Annual Study: U.S. Cost of a Data Breach, Ponemon Institute, March 2011

Beginner's Guide to SSL/TLS

SSL/TLS Explained

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.


This guide will de-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.

READ BEGINNER'S GUIDE
Symantec Private Certification Authority

Symantec Private Certification Authority Service (Private CA)

Symantec Private CA is a cost effective solution to improve the security and management of private intranet certificates while adhering to corporate and industry compliance standards.

Continue Reading

What is EV SSL?

What is EV SSL?

Symantec SSL/TLS Certificates with Extended Validation (EV) provide solutions that allow companies and consumers to engage in communications and commerce online with confidence.

Continue Reading

Secure Multiple Domain Names

Secure Multiple Domain Names with a Single SSL/TLS Certificate

Secure up to 100 fully-qualified domains with a single certificate.  Choose a Symantec SSL Certificate and secure multiple1 domain names by adding them to the Subject Alternative Name (SAN) field during enrollment.

Continue Reading

SUCCESS STORIES

Symantec Website Security Solutions in the Real World

Join the Community

Join Security Discussions on Symantec Connect

SYMANTEC CONNECT

Follow Threat Intelligence on Twitter @Threatintel

SYMANTEC ON TWITTER

Watch Videos on the Symantec Website Security YouTube Channel

SYMANTEC ON YOUTUBE