Categories
News

WEB SECURITY

WEB SECURITY

Are we safe on the web?

Today we are discussing the web security and how to use technology to protect sensitive data on internet.

Nowadays, security can be a very real and common concern when surfing the web since we share a lot of personal and sensitive data.

As a rule, the average website visitor knows only the basics of what web security is all about. Most people are not aware of how important this aspect is, so in today’s article we will be speaking about security.

An average user knows to look for the little padlock icon in their browser to know when they are dealing with a secured page, but let’s try to give some more insights on how this works and why it is so important.

We pass a tremendous amount of sensitive information via the Internet. What is to stop hackers and thieves from tapping into that sensitive information and using it to their own gain?

That is where the SSL (Secured Socket Layer) layer prevents information to be read by other than sender and receiver. Here are some of the most common reasons why a server should always delivery content using secured pages:

  • Protect user identities and passwords
  • Protect credit card transactions and other sensitive information during online purchases
  • Allow users to safely view personal and business financial information
  • Keep secret sensitive corporate information being passed between branches, divisions, etc.

There are many more reasons you may come across a need for security, but the short list above gives you some of the most important ones. So how do we achieve this security using SSL?

Let’s give a look on the steps of a whole interaction between a user and a server when SSL is supported and how this ensure that the interaction is safe:

1) A client (the browser) connects to a web server with a SSL connection requesting a web page

2) The server sends a public Certificate

3) The client validates the Certificate, creates a session key and encrypts it with the public key contained in the Certificate

4) The server decrypts the session key and establishes the encrypted and secure connection.

 

At this point you have an established secure connection. The Certificate that the server sent out is what makes this whole process work. A Certificate is obtained from a Certificate Authority, which is a sort of public notary that verifies the Certificates authenticity. The Certificate contains the common name of the server, making it impossible to use on other servers.

In the next article we will explain more in depth how the interaction occurs and why it guarantees that no other server will be able to read the data you are sending.

If you want to learn more about the security level of Cloud solutions offered by Criticalcase contact us: one of our expert will give you all the information you need and will help you to find the right solution for you.

 
Facebook
Twitter
LinkedIn

Contact us

Fill out the form and one of our experts will contact you within 24 hours: we look forward to meeting you!

Richiedi la tua prova gratuita

Ehi! Stai già andando via?

Iscriviti alla nostra newsletter per restare aggiornato sulle novità dell’universo Criticalcase