In Online Security, Who Can You Trust?

The Online Trust Alliance performs a yearly audit of top consumer sites and how they handle customer data, security, and privacy. In the most recent online trust security audit, only 30% of sites tested passed a basic security audit.

At DigiCert we take the OTA’s work very seriously, and we are members of the highest level (Platinum – Leadership Circle). As a Certification Authority, we are dedicated to maintaining and improving the security and trustworthiness of the Internet through standards and best practices.

Our Engineering team spends a considerable amount of time and resources ensuring the security of our systems for our customers. We also have dedicated industry relations management team members who focus on promoting security best practices and standards across a variety of industries. We are proud to be named, once again, to the OTA’s honor roll for continuing to lead our industry in safeguarding data and enhancing privacy and trust online.

The yearly Online Trust Alliance audit report points out some interesting statistics regarding how sites handle customer data and shows that staying ahead of threats is an ongoing effort.

Only 30% of all sites tested passed the data security audit

Twitter won the overall score for data security and American Greetings was named top Internet retailer safeguarding data. The banking sector as a whole made the biggest improvements in security scores, with improvements in privacy policies and account security options.

Social sites had a general decline in their security scores. As more of us interact online on social sites, sharing more and more personal details with friends, family, co-workers, and others, the failure to maintain the highest levels of data security is reason to be concerned. The nature of information contained on these sites also means that data security incidents on these sites have a higher probability of resulting in accompanying identity theft.

Only 4% of news/media sites made the data security honor roll. Think about how much of your personal information you have available in your accounts with media or news websites.

Nearly 90% of sites tested passed the SSL and server configuration audit

SSL encryption is the backbone of Internet security. As a Certificate Authority and provider of high assurance SSL Certificates and application Code Signing Certificates, we were delighted to see so many of our customers pass their SSL and server security audit.

SSL Certificates are critical to keeping data secured online. Having SSL configured correctly and ensuring the servers are free from security vulnerabilities shouldn’t be limited to organizations with large IT budgets. Services like the DigiCert Certificate Inspector offer a free cloud-based SSL Certificate management platform for administrators to manage SSL installation and server security. The unique Certificate Inspector algorithm assigns grades to SSL Certificates and provides an easy-to-follow list of remediation actions if problems are found.

Instantly Manage SSL Certificates for Free

Instant Discovery also allows enterprises to tap into the vast store of certificate data found publicly on the Internet to find certificates they didn’t even know they had. Using Certificate Inspector, administrators can quickly identify all SSL Certificates used on a network and make certificate lifecycle management easy.

Once administrators have verified their domain authority, they can access data about certificates issued to their domain but installed on a vendor’s or partner’s network resource, allowing for full control of their brand’s identity and security even on networks beyond their control.

Positive trust rating trends

Aside from a few isolated cases, the general trend in data security remains positive as the OTA’s online trust index continues to rise year-over-year. While there is still room for improvement related to how email, web tracking, and privacy policies are handled, SSL Certificate usage and proper server configuration remain a priority in the enterprise space.
