Secure your website properly using a modern SSL certificate
18 September 2015
A valid SSL certificate set-up in a correct fashion, using modern TLS security protocols and modern ciphers is the first step in securing your website.
Unless your website is a simple static brochure website, then the installation of a SSL certificate is a must. If there is any kind of user interaction, then an SSL certificate provides security, encryption and also trust. As well as protection and confidence a secured website provides it can also help your Google ranking as websites secured with SSL receive benefits via Google's search algorithms.
Having a properly secured website is part marketing strategy and part practical. When a visitor to your website sees a padlock, a green bar, and the HTTPS prefix on the website address it gives them a, part justified, sense of trust in your website. Any business that sells on-line or has any kind of customer interaction should have an SSL certificate installed on their website to enhance their business reputation.
Oscura are a re-seller of trust products. Our position in the market enables us to supply an SSL product that is relevant to your needs. We only supply first class SSL certificates that will be recognised and approved by all major browsers. All our certificates are SHA-2 and provide the strongest 2048-bit encryption. We can supply certificates for individual websites, certificates with EV (Extended Validation), and wildcard certificates for multiple sites on your domain. All our certificates can be transferred between servers to use as you need. However, where we differ from bulk providers, is that we can set-up the entire process for you: from the CSR key request, to the application, to the resulting installation of the issued certificate.
Having a relevant SSL certificate is one thing. However, it still needs to be correctly set-up and installed on a server that supports the correct security protocols and ciphers.
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network.
SSL and early versions of TLS have well documented vulnerabilities. It is important that your website uses a server that supports TLS 1.2 and modern cipher suites. Using Google's Chrome browser and visiting secured websites it is possible to check how secure your connection to that website is. Click the green padlock next to a secure website address, click "connection" and see for yourself.
Some examples are below and were taken from visits to their websites today (18 September 2015) and compare Oscura's use of a secure certificate to some big business names. A large UK bank is still using the vulnerable TLS 1.0 when you visit their website. A big bulk domain name supplier with oversea call centres is using TLS 1.2 but with obsolete ciphers.
Of course, a valid SSL certificate set-up in a correct fashion is only one part of securing your website. However, it is a simple cost-effective first step. If you would like to purchase a certificate, get one correctly installed, or would simply like to talk through the options then please contact us to find out more.