Security 101 06-23-2016

SSL/TLS: Just the Beginning for Data Security

Elizabeth Baier

Here at DigiCert, we often say that SSL/TLS is the de facto standard of Internet security, and we mean it. SSL Certificates (and PKI on a larger scale) is a proven solution for securing in-transit data for websites, cloud-based platforms, apps, and more. However, installing a SSL Certificate is just the first step if an organization wants to ensure secure communications.

Leveraging Certificates to Solve Challenges

Most business owners are aware of the benefits and function of a run-of-the-mill SSL Certificate, which includes OV and EV, multi-domain, and wildcard types. But what some might not know is that there are variations of SSL products designed to meet specific needs and secure different types of data depending on who is sending it, who is receiving it, and the intended purpose of the data.

Challenge

A business owner wants to provide customers with added trust and brand assurance.

Solution

An Extended Validation Certificate uses the highest level of authentication to secure one domain, and EV-secured websites are given exclusive visual cues from the browser such as a branded green URL in the address bar. An EV Certificate is a standard type of SSL Certificate and protects data transmitted between a website user and the server.

Challenge

A developer needs to confirm a software code’s origin and ensure it is not altered before download.

Solution

A Code Signing Certificate allows programmers or manufacturers the ability to digitally “sign” or authenticate software (essentially give their stamp of approval), so users know the code is authentic and has not been tampered with upon download. Code Signing Certificates protect data in transit between the developer and the user.

Challenge

A professional needs a legally binding document transmitted electronically that cannot be tampered with.

Solution

Document Signing uses the concept as code signing, but instead applies to documents such as PDFs, Office files, and OpenOffice. This comes in handy for executives in approval-heavy roles, as well as legal and real estate industries, where there is a lot of document exchanging. DigiCert document signing is backed with two-factor authentication, and protects data in transit between the document sender and the receiver.

Challenge

An employer wants to use a certificate to encrypt employees’ emails and have an added layer of security.

Solution

Client Certificates (sometimes called personal ID certificates) are an extra security measure. Extending beyond a username and password combo, a Client Certificate digitally identifies a person using an authentication server. These certificates can be used to authenticate emails and control access to certain servers or websites, protecting data in transit between a computer user and a sensitive destination.

The Most Effective Way to Secure Data

SSL is the most effective way to secure enterprise communications with encryption, which protects businesses, employees, and customers. DigiCert offers a full suite of SSL products and also offers free enterprise-level certificate management tools. Complete SSL security takes continuous monitoring, and regular renewal and remediation. If you have any questions about the type of SSL Certificate you need for a specific purpose, contact our support team at support(at)DigiCert(dot)com.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

Why Matter needs to toughen up

National Cybersecurity Awareness Month:
October 2024