Bad Certificates

Transport Layer Security (TLS) certificates are small data files that digitally bind a cryptographic key to an organisation’s details (these are also known as SSL Certificates). When installed on a web server, or embedded into a web application, it invokes the https protocol (over port 443) and allows secure connections from a web server to a browser and appears to the user as the padlock in the internet browser 

Typically, TLS is used to secure credit card transactions, data transfer and logins, and is the norm for ensuring secure browsing of social media and internet shopping sites. 

Although, are you sure that the padlock that is on your website is connecting your customers to your information securely? Often websites are deployed on hosting platforms that offer lower level security than you would expect on your corporate network. Maybe your certificate information has been stolen and redirected to an unethical attacker that is collecting credit card details….

Cryptography is complicated and intricate and not something that the average person understands. While you can scan, using free tools, how many of us really understand the output from the scanner? 

The Australian Cyber Security Centre (ACSC) provides policy and best practice for the successful management of TLS (SSL) certificates, however, to have confidence in your online presence you need experience to develop good governance and successful cultural awareness. 

Strategic Reform have the knowledge and experience to assist you and your business in becoming more secure through transformation and maturity improvement. 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *