Keeping Your Data Safe
Symantec Matt Dec 6, 2013 at 8:51 AM | SECURITY
Symantec is a Spiceworks Partner.
HO HO HO....Seasons Greetings my Spicy Elves!
Wow...there has been a LOT going on the past couple of weeks with regard to hacks, breaches and other security related activity. That being said, lots of folks have been clamouring for the world's large security companies, Symantec included, to be more open about the role they play in world security in the broader context. The following blog post from Symantec VP of Trust Services Products & Services, Tom Powledge. Check it out:
There's been plenty in the news recently regarding encryption and SSL – which has led some people to wonder how safe the technology really is. As the leader of Symantec's Trust Services Products & Services organization, I want to assure you that SSL is safe. Below is some information that may help you understand why, and also inform you about the current state of SSL security.
First, the fundamental key strength of RSA 2048-bit certificates is solid and without question. Independent cryptography experts have confirmed this, and highly-respected publications such as the MIT Technology Review have published articles on the subject. As always, organizations that use SSL should make sure they use the strongest algorithms available.
Customers of SSL certificates should take specific actions to safeguard the security of their server-side private keys. They should put in place powerful network protections and should never utilize tools where private keys are revealed to third parties. Symantec never takes possession of any customer's SSL private keys.
Lastly, and perhaps most importantly, Certificate Authorities that issue SSL certificates must never share the private keys of their roots. The trust in SSL by everyone – from end-users, to the companies that they communicate with, to the browsers that enable secure connections – all depend on Certificate Authorities to provide unequivocal security of their root keys.
As the world’s largest and most trusted Certificate Authority, we use best-in-class security processes to protect our roots. We do not share our private keys with any third-party company, government, organization or individual. To repeat: We never share our root keys, and never will. Period.
We are committed to ensuring our customers can use SSL safely and we recommend that customers take important, but simple steps to proactively protect their private keys. To learn more about Symantec's SSL offerings, please go tohttp://go.symantec.com/ssl.
Another great site to check out is our SSL Certificates Explained. It looks like an infographic, but mouse over the little blobs and you'll get all kinds of great info from many different sources, not just Symantec. A good reference page for those who are looking for info on SSL.
Thanks!
Matt
No comments:
Post a Comment