Test Security Brief

SECURE WEBSITES EXPLAINED

Most websites currently use the insecure HTTP connection.

This means that the identity behind the website is not verified, and the communication between a device (computer, tablet, smartphone etc) and the website being visited is sent in clear text and can be intercepted and read by others.

To make a website secure the owner needs to purchase and install a security certificate called SSL (Secure Sockets Layer).

VERIFIED WEBSITES

SSL certificates are issued by recognized authorities and will verify that the website and those behind it are legitimate.

The verification confirms to visitors that you are who you say you are giving them confidence.

phishing websites

This helps protect a website against phishing which is when another site attempts to impersonate a legitimate site.

PRIVATE CONNECTION

The second thing an SSL certificate provides for a website is privacy by encrypting the communication between the device and the website.

This means that your communication can not be intercepted and read by anyone else.

This is particularity important for websites that handle sensitive data such as passwords and financial records.

This encryption all goes on behind the scenes and is indicated to the user in the address by either the URL (website address) being preceded by HTTP: // (insecure connection) or HTTPS:// (secure connection)

There are other indicators of a secure connection which are dependents on the browser and tryp of certificate being used. These include a closed padlock appearing before the URL, and part or all of the web address bar being shown in green.

FIVE REASONS WHY WEBSITE OWNERS URGENTLY NEED TO IMPLEMENT SSL