There are many risks that come with the implementation of security using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol. Attacks can be formulated against the SSL/TLS protocol, the protocol may have been designed improperly by the server vendor, the certification authority (CA) could be attacked or you may implement SSL/TLS improperly on your server.
The Trustworthy Internet Movement surveys about 200,000 sites each month, grades them and ranks them by status through their SSL Pulse. Nearly a quarter of the protected sites receive an F.
These sites support SSL 2.0 and SSL 3.0, have insecure cipher suites, have small keys and support RC4.
The issues with the poorly graded sites are not system defects; they are the result of improper configuration and deployment.
At LAWtrust we aim to provide you with tips and hints and expert deployment knowledge. All while encouraging you to take an Always-On SSL approach and recommend you acquire your certificatesfrom a reliable CA.
The SSL/TLS Deployment Best Practices approach details all of the areas that should be deployed properly and regularly monitored and maintained when deploying SSL/TLS:
Contact our team of SSL experts if you need any advise with your next certificate install, we are here to help
Phone: +27 (12) 676 9240