We were interested to come across a white paper by Realtime Publishers, titled “Business Security Measures Using SSL,” that discusses the importance of Secure Socket Layer (SSL – it has now evolved to be known as transport layer security [TLS], even though the “SSL” acronym is still used to describe it) data encryption as a cornerstone of an effective security strategy. In addition, the paper outlined the evolution of cybercrime, common vulnerabilities among many businesses, and practices for implementing a business‐centric security management strategy. We found the aforementioned vulnerabilities and technical weaknesses to be the most interesting aspect of this report. They are as follows:
- Unencrypted communications
- Insufficiently patched operating systems and applications
- Insufficient use of antivirus and personal firewalls
- Weak boundary security
- Poor application security
The report also provides a framework for creating a high‐impact security strategy, which entails steps that are divided into three broad categories that address both technical and organizational aspects of security. These steps are as follows:
- Review of business processes and workflows
- Review of technical infrastructure
- Definition of security policies and procedures
It’s imperative to have a full security solution in place, not a partial one. As the report advises, merely protecting information at one point in a business flow isn’t sufficient “because, like a chain, a business process is only as secure as its weakest link,” and the costs of poor security can be exorbitant. SSL provides communication security over the Internet via data encryption and prevents, or at least makes it extremely difficult, for cybercriminals to access sensitive data. DataServ agrees with the paper’s conclusion that all businesses that transmit sensitive data should deploy SSL certificates for secure communications and authentication.
Data security is especially important when it comes to cloud computing, and here at DataServ we work with many of our clients to install the SSL protocol. DataServ supports SSL encryption in our purchase to pay and quote to cash solutions. Our clients’ users have found their experience to be significantly faster and more direct with this data security technology in place.