Frequently Asked Questions. Frequently Asked Questions: Securing the Future of Trust on the Internet

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Frequently Asked Questions. Frequently Asked Questions: Securing the Future of Trust on the Internet"

Transcription

1 FREQUENTLY ASKED QUESTIONS: SECURING THE FUTURE OF TRUST ON THE INTERNET Frequently Asked Questions Frequently Asked Questions: Securing the Future of Trust on the Internet

2 Securing the Future of Trust on the Internet CONTENTS Q1: What is PKI and how does it relate to SSL certificates?... 3 Q2: How do certificate authorities use PKI?... 3 Q3: Why is PKI so important to the future of the Internet?... 3 Q4: Why are some people questioning the future of the PKI ecosystem?... 3 Q5: Are there viable alternatives to PKI?... 4 Q6: What are the CA/Browser Forum Baseline Requirements? Q7: What are the key elements of a robust PKI ecosystem?... 4 Q8: What is an online revocation check and why is it important?... 5 Q9: What is soft-fail behavior and why does it create problems for online revocation checking?... 5 Q10: How can website operators help protect the PKI ecosystem?... 5 Q11: How can I be sure that the websites I visit are safe and trustworthy?

3 Q1: What is PKI and how does it relate to SSL certificates? PKI stands for public key infrastructure. PKI at its base form is an electronic information repository that ties entities to key pairs, but also includes the hardware, software, personnel and practices used to create and manage SSL certificates on the public Internet. TLS/SSL relies on PKI to provide authentication of the server to the client, and to optionally authenticate the client to the server. Q2: How do certificate authorities use PKI? The type of PKI used for SSL/TLS requires a third party to issue certificates used to mediate the authentication between entities interested in engaging in transactions. This third party verifies that the entity requesting a certificate is who or what the entity purports to be and then issues a certificate. Third parties that broker trust in this manner are called Certificate Authorities (CA). Symantec, the #1 provider of SSL online, operates a certificate-based PKI ( Symantec Trust Network ) to enable the worldwide deployment and use of SSL certificates by Symantec, its affiliates, their respective customers, subscribers, and relying parties. 1 Q3: Why is PKI so important to the future of the Internet? PKI is the only technology that can meet the rapidly growing need for online security and trust so that people can connect with confidence and safely share information online now and in the future. There are three key reasons why PKI provides the best platform for online security and trust: Massive scalability PKI has provided a stable platform for the growth of Web-scale e-commerce, and offers the economies of scale required to meet the rapidly growing demand for a secure online experience driven by mobile, cloud and social technologies. Authentication The PKI trust model provides a deterministic way to make assurances about the a) security, b) integrity and c) identity of an organization. Strong encryption PKI enables the use of encryption to ensure the confidentiality and integrity of private data when it is transmitted over the public Internet. PKI is the only single technology platform that delivers the economies of scale necessary for future growth; ensures trust between parties on first contact; and protects the confidentiality and integrity of data in transit on the public Internet. Q4: Why are some people questioning the future of the PKI ecosystem? The CA breaches in 2011 sparked a debate as to whether SSL certificate technology and the entire CA industry that distributes it is fundamentally broken. Fortunately, the answer is categorically and unequivocally no. SSL technology still provides excellent protection against evolving cyber security threats. With the right tools and processes, CAs should be fully capable of providing the greatest assurance possible that their certificates and the websites that use the certificates are genuine and safe for online business. 1 Netcraft SSL Survey, 6/2012; includes subsidiaries, affiliates, and partners. 3

4 However, the events of 2011 are proof-positive that best practices have not been consistently implemented, and that some CAs do not provide equal levels of assurance about security or trust. And yet under the current system, all CAs are trusted equally once they have been added to a browser s root list. This fundamental problem of equal trust without equal assurance must be addressed in order to ensure the future of the PKI ecosystem. Q5: Are there viable alternatives to PKI? A number of emerging technologies, such as DNSSec, Perspectives, and Sovereign Keys, have been proposed as possible solutions to the challenges currently facing PKI and SSL/TLS. While it is important to support and discuss these types of initiatives, they are all considered band-aids that solve point problems, not complete replacements for PKI. Furthermore, these proposals are also largely untested and unproven, whereas PKI has more than a decade of experience and expertise behind it something that can t be developed overnight, regardless of technical merits. Q6: What are the CA/Browser Forum Baseline Requirements? Symantec and other members of the CA/Browser Forum took the first step towards a more robust, sustainable PKI ecosystem in December 2011 with the release of Baseline Requirements for the Issuance and Management of Publicly- Trusted Certificates, the first international baseline standard for the operation of Certification Authorities (CAs) issuing SSL/TLS digital certificates natively trusted in browser software. This standard, which goes into effect on July 1, 2012, describes an integrated set of technologies, protocols, identity-proofing, lifecycle management, and auditing requirements that are necessary for the issuance and management of publicly-trusted certificates. Q7: What are the key elements of a robust PKI ecosystem? The importance of establishing common baseline requirements cannot be overstated. However, these requirements do not address all of the issues relevant to the issuance and management of trusted certificates on the public Internet, and are intended as a starting point of what is an ongoing effort to improve security practices. Symantec strongly believes that a healthy, robust PKI ecosystem requires three key pillars as its foundation: Strong, standardized certificate authority security policies and practices. A robust, agile and highly available digital certificate infrastructure. Stricter security standards for Web browser and Web server software. Some of these objectives can be met simply by following existing standards, guidelines and policies. Other objectives will require the disciplined implementation of stricter policies and stronger security specifications. All of these objectives must be met in order to ensure the long-term health of the PKI ecosystem and to prevent further erosion of trust. 4

5 Q8: What is an online revocation check and why is it important? In addition to protecting valid certificates, CAs have a duty to publish up-to-date status of certificates (whether a certificate is valid or revoked). Historically, they accomplished this by creating a Certificate Revocation List (CRL) and signing it with their private key. Web browsers regularly checked these CRLs to see if any certificates have been revoked. Today OCSP (Online Certificate Status Protocol) is the protocol most commonly used by browsers to obtain the revocation status of an SSL certificate, and obtaining quick responses to OCSP queries is critical to the user experience. The CA/Browser Baseline Requirements state that all CAs must operate and maintain its CRL and OCSP capability with resources sufficient to provide a response time of 10 seconds or less under normal operating conditions. 10 seconds is a very long time for a user to wait for a response. Symantec alone handles on average 4.5 billion OCSP lookups every day, with an average response time of less than half a second, and typically updates its OCSP and CRL systems within 5 minutes of revocation. Q9: What is soft-fail behavior and why does it create problems for online revocation checking? Currently, most Web browsers use a soft-fail approach to online revocation checks; blocking access to the website only if a revoked response is returned. If no response is received, the browser allows the user to continue with no warning. Symantec believes that Web browser developers can and should implement hard fail behavior so that users are stopped from (or at least warned before) proceeding to a website when a revocation check fails. This feature should not impact the user experience if CAs live up to their responsibility and provide timely, reliable responses to online revocation checks. Q10: How can website operators help protect the PKI ecosystem? The first step is to implement Always On SSL, a fundamental, cost-effective security measure that provides end-to-end protection for website visitors. Always On SSL is not a product, service, or replacement for existing SSL certificates, but rather an approach to security that recognizes the need to protect the entirety of a user s session, not just the login screen. Always On SSL starts with the site-wide use of HTTPS, but it also means setting the secure flag for all session cookies to prevent their contents from being sent over unencrypted HTTP connections. For additional security and trust, extended validation (EV) SSL Certificates offer the level of authentication and trigger browsers to give users a very visible indicator that the user is on a secured site by turning the address bar green. This is valuable protection against a range of online attacks. A Symantec sponsored consumer survey of internet shoppers in Europe, the US and Australia showed the SSL EV green bar increases the feeling of security for most (60 percent) shoppers. 2 2 Symantec Online Consumer Study (UK, France, Germany, Benelux, US and Australia) conducted in January

6 SSL/TLS alone can t protect against all Web-based attacks, but CAs such as Symantec offer daily malware and vulnerability scanning as part of their online trust services, helping customers minimize the risk of malware infection, and to remediate malware infections as quickly as possible. Q11: How can I be sure that the websites I visit are safe and trustworthy? It is important to know that SSL/TLS remains the most effective method of secure Web data transmission, and PKI is the best platform for managing SSL certificates at Internet scale. It is equally critical to remain aware of who is behind the security of the website you are doing business with. Are they reputable? Do they have a proven track record for issuance of certificates? Do they have a robust infrastructure in place to prevent these types of attacks? If the answer is no, it is probably not a safe website to use or visit. 6

7 More Information Visit our website To speak with a Product Specialist in the U.S. Call 1 (866) or 1 (650) To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Symantec World Headquarters 350 Ellis Street Mountain View, CA USA 1 (800) Copyright 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, BindView, Enterprise Security Manager, Sygate, Veritas, Enterprise Vault, NetBackup and LiveState are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. UID:126/7/2012

Frequently Asked Questions. Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best Practices

Frequently Asked Questions. Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best Practices FREQUENTLY ASKED QUESTIONS: PRIORITIZING TRUST: CERTIFICATE AUTHORITY SECURITY BEST PRACTICES Frequently Asked Questions Frequently Asked Questions: Prioritizing Trust: Certificate Authority Security Best

More information

Securing Your Software for the Mobile Application Market

Securing Your Software for the Mobile Application Market WHITE PAPER: SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET White Paper Securing Your Software for the Mobile Application Market The Latest Code Signing Technology Securing Your Software for

More information

Prioritizing Trust: Certificate Authority Best Practices

Prioritizing Trust: Certificate Authority Best Practices WHITE PAPER: PRIORITIZING TRUST: CERTIFICATE AUTHORITY BEST PRACTICES White Paper Prioritizing Trust: Certificate Authority Best Practices A Policy for Commercial Certificate Authorities Prioritizing Trust:

More information

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software WHITE PAPER: COMPARING TCO: SYMANTEC MANAGED PKI SERVICE........ VS..... ON-PREMISE........... SOFTWARE................. Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

More information

White Paper. Securing the Future of Trust on the Internet The Way Forward for the PKI Ecosystem

White Paper. Securing the Future of Trust on the Internet The Way Forward for the PKI Ecosystem WHITE PAPER: SECURING THE FUTURE OF TRUST ON THE INTERNET White Paper Securing the Future of Trust on the Internet The Way Forward for the PKI Ecosystem Securing the Future of Trust on the Internet CONTENTS

More information

Wildcard and SAN: Understanding multi-use SSL Certificates

Wildcard and SAN: Understanding multi-use SSL Certificates WHITE PAPER: WILDCARD AND SAN: UNDERSTANDING MULTI-USE SSL CERTIFICATES White paper Wildcard and SAN: Understanding multi-use SSL Certificates Leveraging multi-use digital certificates to simplify certificate

More information

How Extended Validation SSL Brings Confidence to Online Sales and Transactions

How Extended Validation SSL Brings Confidence to Online Sales and Transactions WHITE PAPER: HOW EXTENDED VALIDATION SSL BRINGS CONFIDENCE TO ONLINE SALES AND TRANSACTIONS White Paper How Extended Validation SSL Brings Confidence to Online Sales and Transactions How Extended Validation

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

BUSINESS GUIDE SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET THE LATEST CODE SIGNING TECHNOLOGY

BUSINESS GUIDE SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET THE LATEST CODE SIGNING TECHNOLOGY SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET THE LATEST CODE SIGNING TECHNOLOGY Now from CONTENTS 1 THE CHALLENGE 1 A BRIEF REVIEW OF CODE SIGNING 2 THE SOLUTION 2 HOW THE CODE SIGNING PORTAL

More information

Simplify SSL Certificate Management Across the Enterprise

Simplify SSL Certificate Management Across the Enterprise WHITE PAPER White Paper Simplify SSL Certificate Management Across the Enterprise Simplify SSL Certificate Management Across the Enterprise Contents introduction 1 A Platform for Single-Point Control and

More information

Securing Microsoft Exchange 2010 With VeriSign Authentication Services

Securing Microsoft Exchange 2010 With VeriSign Authentication Services BUSINESS GUIDE: SECURING MICROSOFT EXCHANGE 2010 WITH VERISIGN AUTHENTICATION SERVICES Symantec Business Guide Securing Microsoft Exchange 2010 With VeriSign Authentication Services Best Practices for

More information

Securing Microsoft Exchange 2010 with Symantec SSL Certificates

Securing Microsoft Exchange 2010 with Symantec SSL Certificates BUSINESS GUIDE: SECURING MICROSOFT EXCHANGE 2010 WITH SYMANTEC SSL CERTIFICATES Symantec Business Guide Securing Microsoft Exchange 2010 with Symantec SSL Certificates Best Practices for Securing Your

More information

A Quick Guide to SSL for Apps

A Quick Guide to SSL for Apps WHITE PAPER : A QUICK GUIDE TO SSL FOR APPS White Paper A Quick Guide to SSL for Apps A Quick Guide to SSL for Apps CONTENTS Chain Building... 3 The 5 End-Entity & Intermediate Certificate Checks... 4

More information

Beginner s Guide to SSL Certificates

Beginner s Guide to SSL Certificates WHITE PAPER: BEGINNER S GUIDE TO SSL CERTIFICATES White Paper Beginner s Guide to SSL Certificates Making the Best Choice When Considering Your Online Security Options Beginner s Guide to SSL Certificates

More information

Why Digital Certificates Are Essential for Managing Mobile Devices

Why Digital Certificates Are Essential for Managing Mobile Devices WHITE PAPER: WHY CERTIFICATES ARE ESSENTIAL FOR MANAGING........... MOBILE....... DEVICES...................... Why Digital Certificates Are Essential for Managing Mobile Devices Who should read this paper

More information

Website Security Partner Program. Path to Profitability

Website Security Partner Program. Path to Profitability Website Security Partner Program Path to Profitability Website Security Partner Program The Profitable and Safe bet is to Become a Symantec Website Security Partner. Profit by aligning yourself with the

More information

Symantec Managed PKI for SSL Support Overview. How to get quick and convenient customer support

Symantec Managed PKI for SSL Support Overview. How to get quick and convenient customer support WHITE PAPER: SYMANTEC MANAGED PKI FOR SSL SUPPORT OVERVIEW Symantec Managed PKI for SSL Support Overview How to get quick and convenient customer support Symantec Managed PKI for SSL Support Overview CONTENTS

More information

Simplify SSL Certificate Management Across the Enterprise

Simplify SSL Certificate Management Across the Enterprise Simplify SSL Certificate Management Across the Enterprise Simplify SSL Certificate Management Across the Enterprise Introduction The need for SSL certificates has moved well beyond the Buy page to core

More information

White Paper. Simplify SSL Certificate Management Across the Enterprise

White Paper. Simplify SSL Certificate Management Across the Enterprise WHITE PAPER: SIMPLIFY SSL CERTIFICATE MANAGEMENT ACROSS THE ENTERPRISE White Paper Simplify SSL Certificate Management Across the Enterprise Simplify SSL Certificate Management Across the Enterprise Contents

More information

Symantec Managed PKI Service Deployment Options

Symantec Managed PKI Service Deployment Options WHITE PAPER: SYMANTEC MANAGED PKI SERVICE DEPLOYMENT............. OPTIONS........................... Symantec Managed PKI Service Deployment Options Who should read this paper This whitepaper explains

More information

extended validation SSL certificates: a standard for trust THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

extended validation SSL certificates: a standard for trust THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES extended validation SSL certificates: a standard for trust THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES EXTENDED VALIDATION SSL CERTIFICATES: A STANDARD FOR TRUST...1 Who Do You Trust?...1 The

More information

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

FAQ: ECC and DSA Certificates Website Security Solutions. Frequently Asked Questions

FAQ: ECC and DSA Certificates Website Security Solutions. Frequently Asked Questions Frequently Asked Questions FAQ: ECC and DSA Certificates ECC and DSA Certificates CONTENTS Q1: What is DSA?... 3 Q2: What is ECC?... 3 Q3: Which type of certificate will make my web server faster?... 3

More information

Choosing a Cloud Hosting Provider with Confidence

Choosing a Cloud Hosting Provider with Confidence WHITE PAPER: CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE White Paper Choosing a Cloud Hosting Provider with Confidence Thawte SSL Certificates Provide a Secure Bridge to Trusted Cloud Hosting Providers

More information

WHITE PAPER. Maximizing Site Visitor Trust Using Extended Validation SSL

WHITE PAPER. Maximizing Site Visitor Trust Using Extended Validation SSL Maximizing Site Visitor Trust Using Extended Validation SSL CONTENTS + The Erosion of SSL's Identity Promise 3 + Introducing Identity Visitors Can Trust 4 Internet Explorer 7: Green for Go 4 + How Extended

More information

Wildcard and SAN: Understanding Multi-Use SSL Certificates

Wildcard and SAN: Understanding Multi-Use SSL Certificates Wildcard and SAN: Understanding Multi-Use SSL Certificates LEVERAGING MULTI-USE DIGITAL CERTIFICATES TO SIMPLIFY CERTIFICATE MANAGEMENT AND REDUCE COSTS Wildcard and SAN: Understanding Multi-Use SSL Certificates

More information

Choosing a Cloud Hosting Provider with Confidence

Choosing a Cloud Hosting Provider with Confidence WHITE PAPER: CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE White Paper Choosing a Cloud Hosting Provider with Confidence Symantec SSL Certificates Provide a Secure Bridge to Trusted Cloud Hosting Providers

More information

Security and Trust: The Backbone of Doing Business Over the Internet

Security and Trust: The Backbone of Doing Business Over the Internet WHITE PAPER: SECURITY AND TRUST: THE BACKBONE OF DOING BUSINESS OVER THE INTERNET White Paper Security and Trust: The Backbone of Doing Business Over the Internet Security and Trust: The Backbone of Doing

More information

CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE

CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE WHITE PAPER: CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE WHITE PAPER CHOOSING A CLOUD HOSTING PROVIDER WITH CONFIDENCE VERISIGN SSL CERTIFICATES PROVIDE A SECURE BRIDGE TO TRUSTED CLOUD HOSTING PROVIDERS

More information

White paper. How to choose a Certificate Authority for safer web security

White paper. How to choose a Certificate Authority for safer web security White paper How to choose a Certificate Authority for safer web security Executive summary Trust is the cornerstone of the web. Without it, no website or online service can succeed in the competitive online

More information

Extended SSL Certificates

Extended SSL Certificates Introduction Widespread usage of internet has led to the growth of awareness amongst users, who now associate green address bar with security. Though people are able to recognize the green bar, there is

More information

Business Continuity and Breach Protection: Why SSL Certificate Management Is Critical to Today s Enterprise

Business Continuity and Breach Protection: Why SSL Certificate Management Is Critical to Today s Enterprise Business Continuity and Breach Protection: Why SSL Certificate Management Is Critical to Today s Enterprise White Paper Business Continuity and Breach Protection: Why SSL Certificate Management Is Critical

More information

The Changing Face of SSL

The Changing Face of SSL The Changing Face of SSL New Realities Demand New Approaches Trend Micro, IncorporatedĀ» SSL underpins almost all online transactions today and the way SSL is sold is exposing organizations to excessive

More information

Websense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration

Websense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration Websense Data Security Suite and Cyber-Ark Inter-Business Vault The Power of Integration Websense Data Security Suite Websense Data Security Suite is a leading solution to prevent information leaks; be

More information

Complete Website Security

Complete Website Security Symantec TM Complete Website Security Symantec is the world s leading provider of Internet trust, authentication and security solutions. Symantec TM Complete Website Security offers you SSL management

More information

8 Key Requirements of an IT Governance, Risk and Compliance Solution

8 Key Requirements of an IT Governance, Risk and Compliance Solution 8 Key Requirements of an IT Governance, Risk and Compliance Solution White Paper: IT Compliance 8 Key Requirements of an IT Governance, Risk and Compliance Solution Contents Introduction............................................................................................

More information

Comodo Certificate Manager. Comodo Enterprise

Comodo Certificate Manager. Comodo Enterprise Comodo Certificate Manager Comodo Enterprise Challenges Enterprises lose track of the SSL certificates on their websites Expired SSL certificates go unnoticed, which leads to customers seeing browser error

More information

Symantec Mobile Security

Symantec Mobile Security Advanced threat protection for mobile devices Data Sheet: Endpoint Management and Mobility Overview The combination of uncurated app stores, platform openness, and sizeable marketshare, make the Android

More information

Enterprise Support Services. Problem Management and Escalation Process REFERENCE GUIDE

Enterprise Support Services. Problem Management and Escalation Process REFERENCE GUIDE Enterprise Support Services Problem Management and Escalation Process REFERENCE GUIDE Symantec s commitment to our customers Symantec is committed to delivering high-quality products and support to our

More information

Athena Mobile Device Management from Symantec

Athena Mobile Device Management from Symantec Athena Mobile Device Management from Symantec Scalable, Secure, and Integrated Device Management for ios and Android Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile

More information

Reducing the Cost and Complexity of Web Vulnerability Management

Reducing the Cost and Complexity of Web Vulnerability Management WHITE PAPER: REDUCING THE COST AND COMPLEXITY OF WEB..... VULNERABILITY.............. MANAGEMENT..................... Reducing the Cost and Complexity of Web Vulnerability Management Who should read this

More information

How to Choose A Certificate Authority For Safer Web Security

How to Choose A Certificate Authority For Safer Web Security WHITE PAPER How to Choose A Certificate Authority For Safer Web Security How to Choose A Certificate Authority For Safer Web Security 1 How to Choose A Certificate Authority For Safer Web Security Contents

More information

Chapter 3 Copyright Statement

Chapter 3 Copyright Statement Chapter 3: Authentication and Verification...34 Standards-Based Verification Process...35 Structure of the CA/Browser Forum...35 EV Policies Governing CAs...36 Compliance Policies...36 Insurance Requirements...37

More information

PUBLIC KEY INFRASTRUCTURE (PKI) BUYERS GUIDE entrust.com

PUBLIC KEY INFRASTRUCTURE (PKI) BUYERS GUIDE entrust.com PUBLIC KEY INFRASTRUCTURE (PKI) BUYERS GUIDE +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Key Considerations When Selecting a PKI Solution Page 4 1. Certification Authority (CA) Page

More information

ENTRUST CLOUD. SSL Digital Certificates, Discovery & Management +1-888-690-2424. entrust@entrust.com entrust.com

ENTRUST CLOUD. SSL Digital Certificates, Discovery & Management +1-888-690-2424. entrust@entrust.com entrust.com ENTRUST CLOUD SSL Digital Certificates, Discovery & Management +1-888-690-2424 entrust@entrust.com entrust.com Entrust Cloud SSL Digital Certificates, Discovery & Management Digital certificates have emerged

More information

Symantec Mobile Management for Configuration Manager 7.2

Symantec Mobile Management for Configuration Manager 7.2 Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any

More information

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data

More information

Basics of SSL Certification

Basics of SSL Certification Introduction To secure transmission of information from browser to a web server, a security protocol is used. SSL (Secure Socket Lock) is one of the most popular and widely accepted security protocols,

More information

Symantec Mobile Management 7.2

Symantec Mobile Management 7.2 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology

More information

WHITE PAPER CHOOSING THE RIGHT SECURITY SOLUTION: MOVING BEYOND SSL TO ESTABLISH TRUST

WHITE PAPER CHOOSING THE RIGHT SECURITY SOLUTION: MOVING BEYOND SSL TO ESTABLISH TRUST CHOOSING THE RIGHT SECURITY SOLUTION: MOVING BEYOND SSL TO ESTABLISH TRUST CONTENTS 1 INTRODUCTION 1 THE INEVITABLE EVOLUTION OF TECHNOLOGY PLATFORMS 1 EXTENDED VALIDATION (EV) SSL: THE GOLD STANDARD FOR

More information

Leveraging Symantec CIC and A10 Thunder ADC to Simplify Certificate Management

Leveraging Symantec CIC and A10 Thunder ADC to Simplify Certificate Management Leveraging Symantec CIC and A10 Thunder ADC to Simplify Certificate Management Identify, Monitor and Manage All SSL Certificates Present Datasheet: Leveraging Symantec CIC and A10 Thunder ADC The information

More information

RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0

RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0 Forum RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0 Copyright 2007-2014, The CA / Browser Forum, all rights reserved. Verbatim copying and distribution

More information

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication

More information

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments Endpoint Management and Mobility Solutions from Symantec Adapting traditional IT operations for new end-user environments During the past few years the traditional concept of end-user computing has drastically

More information

Data Sheet: IT Compliance Payment Card Industry Data Security Standard

Data Sheet: IT Compliance Payment Card Industry Data Security Standard The (PCI, or PCI DSS) was developed by the PCI Security Standards Council to assure cardholders that their details were secure during payment card transactions. The Council, which now governs the Standard,

More information

Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Organization.

Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Organization. WHITE PAPER: CLOUD, APPLIANCE, OR SOFTWARE?........................................ Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Who should read

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,

More information

Licensing Symantec Certificates

Licensing Symantec Certificates WHITE PAPER: LICENSING SYMANTEC CERTIFICATES White Paper Licensing Symantec Certificates Securing Multiple Web Server and Domain Configurations Licensing Symantec Certificates Securing Multiple Web Server

More information

Internet Trust Marks: Building Confidence and Profit Online

Internet Trust Marks: Building Confidence and Profit Online WHITE PAPER - INTERNET TRUST MARKS: BUILDING CONFIDENCE AND PROFIT ONLINE White Paper Internet Trust Marks: Building Confidence and Profit Online Internet Trust Marks - Building Confidence and Profit Online

More information

SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION

SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION I. DEFINITIONS For the purpose of this Service Description, capitalized terms have the meaning defined herein. All other capitalized

More information

Symantec Control Compliance Suite. Overview

Symantec Control Compliance Suite. Overview Symantec Control Compliance Suite Overview Addressing IT Risk and Compliance Challenges Only 1 in 8 best performing organizations feel their Information Security teams can effectively influence business

More information

Extended Validation SSL Certificates

Extended Validation SSL Certificates Extended Validation SSL Certificates A NEW STANDARD TO INSPIRE TRUST, improve confidence and increase sales... INDEX 1. Extended Validation (EV) SSL Certificates solving a trust problem 2. Traditional

More information

VIRTUALIZING BUSINESS-CRITICAL APPS. Maximizing Business Value: Strategies for Virtualizing Business-Critical Applications

VIRTUALIZING BUSINESS-CRITICAL APPS. Maximizing Business Value: Strategies for Virtualizing Business-Critical Applications WHITE PAPER: VIRTUALIZING BUSINESS-CRITICAL APPS Maximizing Business Value: Strategies for Virtualizing Business-Critical Applications Contents Executive summary 1 The promise of virtualization 1 Stepping

More information

Gain a New Level of Trust with Extended Validation SSL Certificates

Gain a New Level of Trust with Extended Validation SSL Certificates Gain a New Level of Trust with Extended Validation SSL Certificates Higher Standard for SSL Certificates Malicious Internet activities such as phishing and pharming have victimized millions of people.

More information

The Benefits of SSL Content Inspection ABSTRACT

The Benefits of SSL Content Inspection ABSTRACT The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic

More information

Symantec's Continuous Monitoring Solution

Symantec's Continuous Monitoring Solution Preparing for FISMA 2.0 and Continuous Monitoring Requirements Symantec's Continuous Monitoring Solution White Paper: Preparing for FISMA 2.0 and Continuous Monitoring Requirements Contents Introduction............................................................................................

More information

Addressing the blind spots in your security strategy. BT, Venafi & Blue Coat

Addressing the blind spots in your security strategy. BT, Venafi & Blue Coat Addressing the blind spots in your security strategy BT, Venafi & Blue Coat Agenda Welcome & Introductions Phil Rodrigues, Director of Security Architecture, Asia Pacific, BT A blueprint for the perfect

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud

PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud Blue skies ahead? Yes if you are protected when you move to the cloud. Lately, it seems as if every enterprise

More information

Reducing the Cost and Complexity of Web Vulnerability Management

Reducing the Cost and Complexity of Web Vulnerability Management WHITE PAPER: REDUCING THE COST AND COMPLEXITY OF WEB..... VULNERABILITY.............. MANAGEMENT..................... Reducing the Cost and Complexity of Web Vulnerability Management Who should read this

More information

Simplify Your Windows Server Migration

Simplify Your Windows Server Migration SOLUTION BRIEF: ENDPOINT MANAGEMENT........................................ Simplify Your Windows Server Migration Who should read this paper Windows Server 2003 customers looking to migrate to the latest

More information

Symantec Business Critical Services for the Enterprise

Symantec Business Critical Services for the Enterprise Symantec Business Critical Services for the Enterprise Information is the currency of today s enterprise. Yet that information is increasingly at risk. Downtime is expensive, and IT departments can t afford

More information

Advanced Service Desk Security

Advanced Service Desk Security Advanced Service Desk Security Robust end-to-end security measures have been built into the GoToAssist Service Desk architecture to ensure the privacy and integrity of all data. gotoassist.com Many service

More information

White Paper. Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise

White Paper. Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise WHITE PAPER: BUSINESS CONTINUITY AND BREACH PROTECTION White Paper Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise Business Continuity and Breach

More information

Current Initiatives in Global PKI Establishing Trust in Public and Private Sectors. Donald E. Sheehy, CA*CISA, CRISC, CIPP/C Associate Partner

Current Initiatives in Global PKI Establishing Trust in Public and Private Sectors. Donald E. Sheehy, CA*CISA, CRISC, CIPP/C Associate Partner Current Initiatives in Global PKI Establishing Trust in Public and Private Sectors Donald E. Sheehy, CA*CISA, CRISC, CIPP/C Associate Partner This session will discuss Brief introduction of Public Key

More information

Choosing a Cloud Hosting Provider with Confidence THAWTE SSL CERTIFICATES PROVIDE A SECURE BRIDGE TO TRUSTED CLOUD HOSTING PROVIDERS

Choosing a Cloud Hosting Provider with Confidence THAWTE SSL CERTIFICATES PROVIDE A SECURE BRIDGE TO TRUSTED CLOUD HOSTING PROVIDERS Choosing a Cloud Hosting Provider with Confidence THAWTE SSL CERTIFICATES PROVIDE A SECURE BRIDGE TO TRUSTED CLOUD HOSTING PROVIDERS Choosing a Cloud Hosting Provider with Confidence Introduction Cloud

More information

Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES Understanding SSL Certificates 2 Secure Socket Layer (SSL) certificates are widely used to help secure and authenticate

More information

Citrix GoToAssist Service Desk Security

Citrix GoToAssist Service Desk Security Citrix GoToAssist Service Desk Security Robust end-to-end security measures have been built into the GoToAssist Service Desk architecture to ensure the privacy and integrity of all data. 2 Many service

More information

The Impact of HIPAA and HITECH

The Impact of HIPAA and HITECH The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients

More information

7 Steps to Windows 7 with Symantec

7 Steps to Windows 7 with Symantec 7 Steps to Windows 7 with Symantec Migrate with confidence Symantec can help you meet the migration challenge and capture the opportunity. With over a decade of experience and more than 300 million successful

More information

White Paper. Keeping Your Private Data Secure

White Paper. Keeping Your Private Data Secure WHITE PAPER: Keeping Your Private Data Secure White Paper Keeping Your Private Data Secure Keeping Your Private Data Secure Contents Keeping Your Private Data Secure............................ 3 Why Encryption?......................................

More information

Confidence in the Cloud Five Ways to Capitalize with Symantec

Confidence in the Cloud Five Ways to Capitalize with Symantec Five Ways to Capitalize with Symantec Solution Brief: Confidence in the Cloud Confidence in the Cloud Contents Overview...............................................................................................

More information

Enterprise Vault 10 Feature Briefing

Enterprise Vault 10 Feature Briefing Enterprise Vault 10 Feature Briefing Nirvanix Cloud Storage This document is one of a set of Feature Briefings which detail major new or changed features in Enterprise Vault 10. This document covers the

More information

Trust or bust: How to make summertime shoppers feel safe online and boost your sales at the same time

Trust or bust: How to make summertime shoppers feel safe online and boost your sales at the same time Trust or bust: How to make summertime shoppers feel safe online and boost your sales at the same time #1 consumer complaint The Federal Trade Commission reported over 332,000 consumer complaints due to

More information

WHITE PAPER. The latest advancements in SSL technology

WHITE PAPER. The latest advancements in SSL technology The latest advancements in SSL technology CONTENTS + Introduction 3 + SSL overview 3 + Server Gated Cryptography (SGC): 4 Enabling strong encryption for the most site visitors + Extended Validation SSL

More information

Desktop and Laptop Option 8.0 Licensing Guide

Desktop and Laptop Option 8.0 Licensing Guide Desktop and Laptop Option 8.0 Licensing Guide Last Update: 2 July 2015 Table of Contents Product Overview... 3 Licensing Overview... 4 Version Upgrade Entitlements and Upgrade Mechanisms... 5 Additional

More information

Symantec Endpoint Protection 12.1.6

Symantec Endpoint Protection 12.1.6 Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly

More information

Managing SSL Security in Multi-Server Environments

Managing SSL Security in Multi-Server Environments Managing SSL Security in Multi-Server Environments VeriSign s Easy-to-Use Web-Based Services Speed SSL Certificate Management and Cuts Total Cost of Security CONTENTS + A Smart Strategy for Managing SSL

More information

Two-Factor Authentication

Two-Factor Authentication WHITE PAPER: TWO-FACTOR AUTHENTICATION: A TCO VIEWPOINT........................................ Two-Factor Authentication Who should read this paper This whitepaper is directed at IT, Security, and Compliance

More information

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious

More information

GeoTrust Extended Validation SSL and Customer Confidence

GeoTrust Extended Validation SSL and Customer Confidence GeoTrust Extended Validation SSL and Customer Confidence Introduction Suspicion, doubt, reluctance, abandonment, and in some cases refusal to shop online at all anymore are growing characteristics among

More information

Web Presence Security

Web Presence Security Web Presence Security Web Presence Security 2 Getting your business online is about reaching out and connecting with millions of potential customers, buyers, and partners. Building a website is the most

More information

Managing SSL Certificates with Ease

Managing SSL Certificates with Ease WHITE PAPER: MANAGING SSL CERTIFICATES WITH EASE White Paper Managing SSL Certificates with Ease Best Practices for Maintaining the Security of Sensitive Enterprise Transactions Managing SSL Certificates

More information

Does your Organization Need a Managed SSL Service?

Does your Organization Need a Managed SSL Service? MSSL Order Guide 1 Ordering Guide for Managed SSL -Product Overview -Ordering Process -Managing your Account Overview of Managed SSL (MSSL) MSSL allows you to manage the complete lifecycle of multiple

More information

EV (Extended Validation) SSL Certificates

EV (Extended Validation) SSL Certificates EV (Extended Validation) SSL Certificates February 2009 EV Extended Validation SSL Certificates Management summary Two years after the launch of EV SSL Certificates mounting evidence suggests that EV SSL

More information

Enterprise Vault Whitepaper Configuring a NAS device as Enterprise Vault storage

Enterprise Vault Whitepaper Configuring a NAS device as Enterprise Vault storage Enterprise Vault Whitepaper Configuring a NAS device as Enterprise Vault storage This document provides background and guidance on how configure Symantec Enterprise Vault with generic Network Attached

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Website Security: It s Not all About the Hacker Anymore

Website Security: It s Not all About the Hacker Anymore Website Security: It s Not all About the Hacker Anymore Mike Smart Sr. Manager, Products and Solutions Trust Services & Website Security Website Security 1 Website Security Challenges Evolving Web Use

More information