Wednesday, February 20, 2013

Business Internet Security: A Beginner's Guide - Part 1 | Small ...


????

Business Internet Security Coming up is going to be another two part blog post talking about business Internet security.

I?m not talking about things I?ve touched on before with business Internet security such as using strong passwords and turning Java off.

I?m going to talk to you about things a bit more complicated but work behind the scenes while you browse the Internet. Still geared towards the beginner so it?ll be easy to understand.

We?re going to talk about Secure Socket Layer (SSL), Transport Layer Security (TSL) and Virtual Private Network (VPN).

Learning Your Business Internet Security Basics

Why is this important for you as a business owner? Because knowing the basics of business internet security will help you be able to make wiser decisions, such as trying to determine if that company who e-mailed or called you out of the blus is actually legit.

We are going to start with website security.

When you load up a website in your browser you know how the beginning of the URL in the address bar will say ?https://? instead of just ?http?? This is the sign of a verified secured website.

What this means is traffic coming in and out of this site is encrypted. Websites that most commonly have https URLs are those that involve anything involving sensitive material, such as personal information and web based email sites.

This is the work of SSL (Secure Sockets Layer) and TSL (Transport Layer Security). In the simplest terms, this is the security between your browser and the website?s server.

The reason I lumped those two together like that is because they are effectively the same thing, except TSL does the exact same thing SSL does only slightly better. That?s not to say SSL doesn?t get used, only TSL is newer and only a little better at what it does.

A basic rule of thumb when it comes to business internet security is: if you are inputting sensitive information, verify that the website address says https in the URL bar before submitting any information.

Certification Validations

There is another part to this that goes hand-in-hand and is not in the responsibility of the web browser, or the person browsing but on the server hosting the website you are connecting to.

That being that the server has a valid certificate that says ?yes, we are who we say we are?.

The most common company that companies usually get their certificates from you?ve probably heard of once or twice while browsing; Verisign. The purpose of a certificate is so that when you browse to a site you don?t get taken to another site saying ?Hey, we are who you wanted to browse to? but have no connection whatsoever with the actual company.

By having a valid certificate you can be assured the site you?re going to is legit.

Expired Certificates

If a certificate expires, for your safety the browser should tell you ?Hey! This website?s certificate expired!? You are given either the option to navigate away from the site, or trust the site is still the same and proceed anyway.

It?s on the website administrator?s responsibility to renew the certificate.

These aren?t like pay once and never worry again. Think of them more like yearly subscriptions. They have to be renewed so websites can continue to use them.

That?s all for this blog post about business Internet security! In the next one we will talk about VPN, and why it not only establishes a connection with a server so you can get access to files not on your home network, but why it is also a secure connection so your data in transit doesn?t get hacked.

How vast is your knowledge regarding business Internet security? Did we miss something you think we should cover? Let us know!

Tags: business internet security, security for beginners, ssl, tsl, web security, website certificates

This entry was posted on Monday, February 18th, 2013 at 4:35 PM and is filed under security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Source: http://www.infinitechusa.net/blog/2013/02/18/business-internet-security/

al gore la dodgers lawrence o donnell magic johnson jetblue pilot solicitor general neighborhood watch

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.