Only the best SSL security for the Cloud

In a recent article for ‘Computer Technology Review’ Senior Director of Trust Services at Symantec, Michael Lin, said SSL security is a ‘no-brainer’ for cloud computing.

But “not all SSL is created equal”, says Lin. With highly confidential and sensitive information being stored in the cloud, businesses should only choose cloud providers who offer the best SSL security. That’s ‘the best’ encryption levels (a minimum of 128-bit) and ‘the best’ authentication processes (business should go for providers who use the most rigorous validation procedures).

With so much (sensitive information) at stake, it's not worth the risk. When it comes to the cloud, only the best is good enough.

Share this:

Mobiles offer better security than PCs, says Symantec

This week, global security giant Symantec released a whitepaper to help corporations understand the risks of deploying mobile devices to the enterprise.

While Symantec’s evaluation found these platforms offer better security than traditional desktop operating systems, the report also states that the iOS and the Android are still open to security threats.

Share this:

No LOL-ing at the Senate. Lulz strikes again.

Hacker group Lulz – (‘Lulz’ standing for a corrupted version of the well-used online phrase ‘laugh-out-loud’) – has struck again. This time, they’ve broken into the senate website.

The security breach was noticed last weekend, and the senate has ordered a review of all sites hosted on

Share this:

Big month for Symantec

Symantec has announced that last month was its biggest in terms of SSL sales – achieving the largest SSL growth with 8,322 units for the month of May.

Likewise, May’s Netcraft Secure Server Survey reported that Symantec’s SSL brands – VeriSignGeoTrustThawte and RapidSSL are the market leaders, owning 41.72 per cent of the SSL market.

Share this:

Phishing down, spamming up

Last month, we blogged about the increasing number of websites that are adopting Extended Validation SSL – and we wonder if this could have something to do with the decrease in phishing attacks, as outlined in Symantec’s latest MessageLabs Intelligence Report.

According to Symantec, in May phishing activity was 1 in 286.7 emails (0.349 percent), a decrease of 0.06 percentage points since April.

Other notable findings from the report include the increasing sophistication of spamming activity. May’s report outlines fake URL-shortening services which spammers are establishing to perform URL redirection.

Share this:

Linkedin isn’t always ‘linked in’

Like Facebook and Twitter, it has come to light that professional networking site Linkedin doesn’t encrypt all of its web pages.

Sites like Linkedin – that request personal or sensitive information – should not only be protecting their users with SSL encryption, but they should be using the strongest SSL encryption available.

Share this:

Impersonating Androids

Rice University IT professor, Dan Wallach, says Android users are under threat of network eavesdropping.

Wallach has found several of Google’s Android apps, including Google calendar, don’t use SSL encryption to protect their network traffic. Impersonation attacks are also a possibility, says Wallach, because of this lack of SSL security.

The number of people accessing the internet from mobile devices grows daily, making mobile-compatible SSL security essential for any business with a website that requests personal data from its users.

Share this:

68% growth in EV SSL last year – still not enough says Online Trust Alliance.

In the last year over 35,000 EV SSL certificates were issued, according to the Online Trust Alliance (OTA). That’s a growth of 68%. Sounds good, but that actually only represents 45% of retail and banking sites which are now protecting their customers with Extended Validation.

Online fraud, like identity theft and phishing, is on the increase, says the OTA - and any business that requests financial or personal information online should protect its customers (and itself) with Extended Validation SSL.

Share this:

At Google AdWords, 'SSL' is the word

Consumers who click on online ads should feel safe in the knowledge that if they choose to enter personal or financial information, it is protected. That is the word from Google AdWords, who will be changing their security policy on 17 May.

All AdWords advertisers that request sensitive information on their sites will need to offer their visitors SSL security. And if they don’t, Google has said it will suspend ads or accounts.

Share this:

Targeted cyber crime at two year high

Security giant Symantec has released an intelligence report which shows targeted attacks were at a two year high this month. In April 2011, intercepted 85 fraudulent emails per day, the highest figure since the run up to the G20 Summit in March 2009.

Share this:

Top security tips for Smartphone and tablet users

With the number of Smartphone and tablet owners soaring, here we offer three top tips for keeping your mobile devices – and your personal data – safe.

  1. Be strong. Many people use the same password for all of their online accounts. Set strong and unique passwords. Use numbers and punctuation to make them impossible to guess.
  2. Keep it real. Don’t download fake apps. They can be hard to spot and can end up stealing your personal data. Download a mobile security programme to scan apps before you add them to your device.
  3. Only visit websites that offer SSL encryption when you are on a Wifi network. And if you run a business, make sure you offer your online customers and visitors SSL security that’s compatible with mobile devices.
Share this:

With online fraud on the increase, why are only 2% of us using EV SSL?

In a recent report from Netcraft, Extended Validation SSL ownership accounted for only 2.3% of all valid third party certificates.

It seems that cost and vetting procedures are stopping businesses from adopting EV SSL. But with online fraud predicted to increase this year, businesses should reconsider Extended Validation.

Not only does EV SSL offer the best protection for online businesses and their customers, a recent white paper from Symantec shows that it increases online transactions and sales as well.

Share this:

Malware @Twitter

As Twitter gets set to celebrate its fifth birthday, security company Kaspersky Lab takes a look at five years' of malware attacks on the social networking site.

Most recently, in May 2010, a bug was discovered which allowed a malicious user to force others to follow them on Twitter, while in 2008 cybercriminals set up an ad for an erotic video which, when clicked, infected users with a Trojan-downloader declaring to be a new version of Adobe Flash.

Share this:

French retail giant chooses GlobalSign EV

Petit Bateau – one of the few French brands to establish itself as a worldwide name – has chosen GlobalSign to secure its online customers.

Share this:

New VeriSign app

The VeriSign Identity Protection (VIP) Access for Mobile credential for the iPad can now be bought from the App store.

The latest download to join thousands of new apps from Apple, will keep users safe with a dynamic one-time password which needs to be used in conjunction with another password and username.

Share this:

Will 2011 beat 2010’s 286 million security threats?

Symantec’s latest ‘Internet Security Threat Report’ is out, and it states there were 286 million threats to security last year. It also predicts an increase in online attacks, like malware, in 2011.

Share this:

Passport to success for businesses with new site ratings

GlobalSign and community-based ratings service, Web of Trust, have joined forces to enhance websites with a new level of online trust.

As part of GlobalSign’s passport service, businesses can now choose to display ratings of their website/s, as judged by site users.

Share this:

Majority of top sites secured by Symantec

The latest Alexa Netcraft results are in, and Symantec has come out on top, owning over 70% of SSL certificates on the world’s most popular websites.

Share this:

Facebook boosts Android security

Until recently, data on the Facebook for Android application was unencrypted – leaving users’ personal information open for interception. Unsecured, hackers could easily post on someone else’s Facebook account.

Highlighting the need for mobile SSL encryption, Facebook has now boosted the Facebook for Android app’s SSL security.

Share this:

February phishing

According to security company, Symantec, there was nearly a 40% increase in phishing in February 2011.

Malware is also on the increase, says security research company, Pandalabs, with an extra 10,000 cases per day, compared to last year’s figures.

Share this: