Category: Internet Security

Posted on

Why Your Website Needs an SSL Certificate

install ssl certificate

What is an SSL Certificate?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

If you don’t have an SSL certificate, a secure connection cannot be established, that means, your company information will not be digitally connected to a cryptographic key.

An SSL Certificate has the following information:

  1. Name of the holder
  2. Serial number and expiration date
  3. Copy of the certificate holder’s public key
  4. Digital Signature of the certificate-issuing authority

Why do you need an SSL Certificate?

If your website does not have a trusted SSL certificate, Google Chrome will tag your site as ‘Not Secure’.

Any computer in between you and the server can see any credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to.

What does an SSL Certificate do?

Encrypts Sensitive Information
The information you send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your usernames and passwords, credit card numbers, and other sensitive information if it is not encrypted. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to.

Protects You From Cybercriminals
Along with advanced technology comes advances in hacking and malicious website intervention techniques. It is impossible to escape cybercrime if your website doesn’t have an SSL certificate. Installing an SSL certificate offers a vital means of defending your website against hacks. Google wants every single site to be immune to hackers and identity thieves so that consumers are better protected. This is the main drive behind their October 2017 movement to tag sites that are not secure.

Builds Trust & Brand Power
With a website secured by an SSL certificate, your site visitors will see visuals like the security lock icon in a green address bar that assures well-trusted encryption is in place.

Before Google flags your website, secure it today with an SSL Certificate. The certificate is not expensive. For instance, Go Daddy is a trusted SSL Certificate provider and you can obtain one for under $99 per year. If you need help installing your SSL Certificate, call Kristi Eakin Design at 214-769-5461. This is a 15 minute process!

Posted on

SSL Certificates

internet security

You Need an SSL Certificate for your Website Now

Does your current web hosting plan allow you to enable HTTPS?

In the Introduction to WordPress Security article in the Wordfence Learning Center, they explain why it is crucial to only log into your website via a secure connection. If you aren’t currently logging into your site securely, drop everything you are doing and go fix that right away. The cost of an SSL certificate is minimal (for instance Go Daddy’s annual SSL certificate is about $70). An attacker who is listening to your network traffic can steal your username and password, taking control of your website if it is not secured. The cost of restoring your site after a hack is expensive and depending upon the severity, could cost thousands given downtime, reinstalling software, restoring backup, etc.

There are additional benefits to running https. It will improve your SEO rankings and it will protect any other data you are capturing via forms and payment screens on the rest of your site.

We strongly recommend that you run an https-only website. If you need help purchasing and implementing an SSL certificate for your site, please email us at info@kristieakindesign.com.

Posted on

Protect Your Site from Hackers

cyber-crimeIn the last year, more and more of my clients have gotten their website hacked.  There are a few simple steps you can take to help prevent cyber-criminals from accessing your website:

  • Software Updates.  Old software makes it easy for cyber-criminals to compromise your site by using widely available exploits. If you have a WordPress site, keep the software and Plug ins current. 
  • Change Passwords and Make Them STRONG. I recommend that my clients change the passwords for their FTP, WordPress dashboard, etc. routinely. Don’t use your name, company name or any easy to figure out combination.
  • Limit Access. Make sure you know who has access to your servers, and that only those people are accessing your servers. If you allow someone access to your FTP temporarily, be sure to cancel that user login once the task is complete.
  • Check Your Server Frequently.  If you have a WordPress site, check your Theme Functions and Header for malware. An unexpected spike in traffic will help alert you that your simple webserver has been turned into a costly spam site.

Just because your company may not store customer credit card data on their server, doesn’t mean it’s not a target. Criminals will use your servers to attack others or to market items like Viagra or Pay Day loans. Taking the time to follow the simple steps above could save you a lot of time and money in the long run.

Posted on

New Trojan Virus Alert

alerts

Security Alert – Mal/JavaJar-B | Threat Alert—Jan. 14, 2013

We are notifying you of a major internet security threat that a new Trojan horse called Mal/JavaJar-B has been found that exploits a vulnerability in Oracle’s Java 7 and affects even the latest version of the runtime (7u10). The malware has currently been seen attacking Windows, Linux and Unix systems.

The Department of Homeland Security said attackers could trick targets into visiting malicious websites that would infect their PCs with software capable of exploiting the bug in Java. An attacker could also infect a legitimate website by uploading malicious software that would infect machines of computer users who trust that site because they have previously visited it without experiencing any problems.

Developers of several popular hacker tools, known as exploit kits, used to attack PCs, have added software that allows hackers to exploit the newly discovered bug in Java to attack computers.

Users can immediately protect themselves in the following ways:

• STOPzilla users will be delivered a patch today which prevents the infection as part of their
normal update service.
• By disabling Java content in their browser
• Downloading the latest version of Java: http://java.com/en/download/java_update.jsp

To disable Java in your browser Go to the Java Control Panel that is installed along with the runtime, and in the Security section uncheck the option to “Enable Java content in the browser,” which will disable the browser plug-in.

Read more about the threat and Oracle’s fix at Foxnews.com or at CNN.com.

Please forward this email to protect your friends and family