Category Archives: Security

Security

How to know if your server’s been hacked (and what to do)

258 Comments

Is your server compromised right now? Do you have measures in place to check consistently?

If you are like most business owners, you can’t definitively answer these questions. Not knowing puts your business in serious jeopardy.

The truth is checking your server isn’t hard if you have the right service. I’ll detail out an easy to use and very affordable service later in this article. Before we dig into the solution, let’s learn more about how the process should work.

Running a vulnerability assessment is fundamental to security welfare of any business or company.

A vulnerability assessment needs to be scheduled at least monthly, if not more frequently.

Many business owners confuse a simple anti-virus check with a full vulnerability assessment.

An anti-virus check alone does not look at security as a whole. Server configuration, third party applications, network security and known exploits should also be considered. All these processes should form a full vulnerability assessment.

The real problem is ‘forgetting’ to stay current on OS and application updates…

Don’t Be An Easy Target

Hackers always grab the low hanging fruit. They want an easy target such as servers with outdated operating systems, plugins for WordPress that are not updated, or servers without firewall protection… all considered low-hanging fruit ripe for the picking.

It’s common sense really, why bother attacking a fortress when they can go after the straw hut?

Hosting your server behind a firewall is crucial in reducing the amount of hacking attempts you will receive.

Quite simply, adding a managed firewall to your server is crucial in reducing your vulnerability to attack.

Firewalls, on-site security, vulnerability assessments and more can add up very quickly. Thankfully, there is a solution that is very affordable that will reduce your risk greatly.

Most organizations will limit their checks to only a few times a year. Others will simply neglect a vulnerability assessment altogether.

As you now see, the more consistent you are with checking your server, the lower your chances of being the low-hanging fruit a hacker might pick.

Here are a few suggestions for you to consider if you are performing your own vulnerability assessments:

Basic Vulnerability Assessment Checklist

  • Select an appropriate commercial or open source security scanning tool, depending on the application framework, that ensures maximum coverage.
  • Check for the presence of injection flaws like SQL, JSON, XML, and LDAP injections. Test for cross-site scripting (XSS) through all input points for the application. Determine whether forms are submitted securely.
  • Inspect for inadequate authentication methods, improper access control definitions, and broken login processes. Ensure passwords are secure and not easy to compromise.
  • Review for secure session IDs/cookies.
  • Ensure the network is secure and no other machines inside the network are compromised.

Of course, you can get more detailed than that… if you know what you are doing. Most business owners and IT managers simply do not have the time to allocate to consistent vulnerability scans.

Beyond vulnerability assessments, there are many other things you can add to boost your defense.

Location, Location, Location

You’ve heard that location matters in real estate… and it matters just as much with your server.

Many of these suggestions I’m about to make are expensive unless you are using the service I will reveal later in this article.

Most top-tier data centers include intrusion detecting systems, firewalls, two-factor authentications and content filtering. If you are hosting your server locally, you know how expensive these can be.

There are other advantages to hosting with a top-tier data center… such as reducing the amount of ‘traffic’ surrounding your equipment.

It is becoming more and more common for threats to be occurring at the physical local level. If you host servers in your office building and the room is not totally secure, you are opening your risk considerably to a local hack attempt.

Many businesses have found that their internal security is increasingly compromised through simple methods such as…

The true Trojan horse where an authorized user installs malicious software or enables a back door into the company’s network. It is thought that Sony Pictures was the victim of this Trojan horse tactic when they were hacked.

The data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, and other information.

The perpetrators then employed a variant of the Shamoon wiper malware to erase Sony’s computer infrastructure.

To protect your business, location of physical equipment must be considered.

All of this can add up, but it doesn’t have to be expensive…

Here’s How To Protect Your Business

Earlier in this article I told you about an affordable solution that not only reduces your threat risk, but it also protects your data in the event you are compromised.

It’s the 5-in-1 Managed Services bundle from Superb Internet… and it includes vulnerability assessment, OS hardening and patches. In addition, you also get a managed firewall and managed backup.

The 5-in-1 Managed Services bundle is the ‘whole enchilada’ when it comes to protecting your business.

You get everything without the high cost of an IT expert who would charge thousands to configure and setup each of these for you. The good news is that you can get everything for one low monthly price.

Before we get into how affordable the 5-in-1 Managed Services bundle is, let’s go into detail about our topic today… vulnerability assessments.

The first step in reducing your risk is to close all the ‘holes’… and to do that, you need to know where the holes exist. Superb Internet starts with a powerful scanning tool…

How is a Vulnerability Assessment performed?

Superb’s Vulnerability Scanner is a powerful network security assessment tool for finding potential security risks and flaws either inherent to the operating system or created from misconfigurations.

Every dedicated and managed hosting customer gets one complimentary scan per month.

Superb’s security tool reports on thousands of updated vulnerabilities by performing a complete scan. After a scan is completed, a report is generated which lists possible vulnerabilities found on your server. The report ranks the vulnerabilities based on the security level of importance from “warning” to “high.” Vulnerability Scans are available on a subscription or on-demand basis.

After every successful scan, a report is automatically generated and delivered to your inbox.

Next, technicians perform OS hardening based on the results…

What is OS Hardening?

The purpose of OS Hardening is to minimize your server’s exposure to current and future threats by configuring the operating system to be optimally secure.

The OS Hardening service addresses security weaknesses in operating systems by installing the latest OS patches & updates, deactivating unnecessary programs, and following procedures and policies to reduce malicious attacks and system down time.

Once your server is online, patches and updates are made as needed moving forward…

Patches & Updates

The Superb Internet Professional Services Division will log into your server and apply any available updates on the 3rd Monday of every month. If necessary, they’ll also restart your server to complete the installation process.

This makes sure you are always up to date… always secure.

You can add the 5-in-1 Managed Services bundle to ANY existing Superb Internet Cloud or Dedicated Server.

And right now, if you add the 5-in-1 Manages Services plan, you’ll get R1Soft along with the following services and save a bundle of money at the same time:

1. Vulnerability Scanning
2. OS Hardening
3. Cisco Managed Firewall
4. Proactive Monitoring

You’ll get everything…

… hack prevention
… ransom protection
… data backup
… OS hardening and patch updates
… and a Cisco managed firewall

You get everything you need to SECURE YOUR BUSINESS and protect yourself for a price that’s so low, I don’t want to mention it here for our competition to see.

Login to your customer portal at https://mycp.superb.net/ or contact our sales team for a FREE Security and Data Protection Assessment by clicking the following link: https://www.superb.net/about/contact-us

Security

Does your business website have a firewall?

Leave a comment

In light of recent events in cyber security, you need to be asking your IT team this question.

Here’s why…

According to an NCSA Cyber Security survey, research revealed that a mere 4% of the population has a full understanding of firewall

As business owner, you should be part of that 4% that has a full understanding.

If you do not have a firewall in place, you are placing your business and cash flow in serious jeopardy.

So what’s a firewall?

Well, firewalls monitor data exchanges between your server and other computers across cyberspace to determine whether each connection is safe or not.

The firewall is similar to the shields Captain Kirk regularly deploys on the Star Trek Enterprise. While Kirk will raise and lower shields depending on the situation… a firewall is always up and running… deflecting the bad stuff.

If you don’t have a firewall or are unsure, contact the experts at Superb Internet and let them give you a no obligation security check.

There’s no cost and you’ll get peace of mind or the information you need to secure your business website.

You might be asking, why do I need the added expense of a firewall?

Great question! Honestly, not many websites actually have a firewall configuration… and that can be bad for business.

If your server is compromised, you’re looking at downtime.

Downtime = cash flow loss.

Recovery = added expense.

In my opinion, a firewall is BETTER THAN INSURANCE… it’s almost negligence to NOT HAVE a firewall for your business. Both for your website

Even if your server software is outdated, a firewall can provide protection… and let’s be honest, many times we simply ‘forget’ to do regular updates.

I’ll cover how to handle updates in a later article, but suffice it to say a firewall is worth its’ weight in gold.

With a firewall, your shield is up all the time… protecting your business.

And don’t worry, it doesn’t matter if you understand how to manage or setup a firewall… I’ll explain later in this article how to get a managed firewall custom tailored for your business. AFFORDABLY.

Here are 3 solid reasons why having a firewall is a must:

1. No Business Is Too Big or Too Small

Sony Pictures was hacked and blackmailed in 2014 with a creepy red skull appearing on their systems. Cybercriminals leaked yet-to-be-released films and hacked Sony’s Twitter account. Sensitive company data was destroyed and employee information like social security numbers and salaries were compromised.

Believe it or not, the big names are actually being avoided in favor of companies that tend to have weaker protection than the larger enterprises. Corporations are taking massive steps to cyber protection and allotting huge funds for hardened security, and they become a more tedious undertaking.

So the criminals are going for the low hanging fruit… is that your business?

If you own a smaller business, you’re a prime target.

You’ve got more digital assets compared to the typical individual consumer, putting your business on the criminal radar.

Without a firewall and with little effort, these criminals can get away with your lifelong investment.

And then there’s…

2. Ransomware and Cyber Threats

Ransomware attacks are quite common.

Malware encrypts enterprise data and can only be recovered when you fork over some bitcoin to unlock the data. The cyber-attacker demands payment in cryptocurrencies which leave no identifiable trail.

In 2016, the SAW horror-film-inspired JIGSAW ransomware which slowly deleted files when the victim refused to pay the ransom.

Worse, you could even be the victim of compromising emails or data that could change your life forever. Hillary Clinton and the DNC both learned the importance of data protection in 2015 and 2016.

And recently, hackers exploited an NSA surveillance tool released into the public domain. The malware called Wanna Decryptor 2.0 crippled hospitals worldwide.

Dozens of countries were affected as the malicious software rendered computers useless and left staff unable to access medical records.

And firewalls aren’t just about keeping the bad guys out…

3. You Dictate Who Gets Access

Can you imagine seeing the mouse move around on your screen as someone attempts to take control remotely? Just think of the aforementioned ransomware warning tactics that scare users off while cyber attackers seem to have fun in the background.

Every PC connected to the internet is a potential target for hackers, key loggers, and Trojans that await the slightest opportunity to attack unpatched security holes. Intruders are empowered to destroy your operating system, if only they can get into it!

A correctly configured firewall on a modern OS can ensure that remote desktop access is disabled to prevent unauthorized user access.

Moreover, firewalls block access by apps, perhaps even the software that you trust and unknowingly penetrate your system.

In short, it doesn’t matter what line of business you are in…power plants, credit unions, hedge funds, PR firms, hotels, retail shops, colleges, and online businesses are all at risk.

I’ve only listed three examples where a firewall can protect your business – there are quite a few more where a firewall can help, such as:

  • DOS & DDOS attacks
  • Session hijacking
  • Remote login
  • Trojan backdoors
  • Cookie stealing and more….

By now, you know a firewall is a good idea. 🙂

But what kind of firewall? How do I add a firewall to my existing server or website?

Both good questions… and here’s what you need to know:

There are two types of firewalls.

Software and Hardware.

Software firewalls are installed onto your server or local PC. These are great, but they are resource intense… which means they can slow down your computer or server.

You should definitely have this installed on EVERY PC in your local environment.

A good software firewall filters traffic of data down to the last detail in both directions. Automated whitelisting tools establish whether the packets meet the rules or specified security criteria or not, and will either be accepted or rejected accordingly.

The best firewalls in my experience are hardware based. Hardware based firewalls are essentially a server that monitors everything going in and leaving your computer or server.

Hardware is superior to software in many ways.

For one, they eliminate any load from your main business website. Your website can work as it should without having to fight off attackers.

Hardware firewalls provide maximum security as data is filtered at packet-level while utilizing less resources on your main server.

That’s why Superb Internet uses the Cisco ASA series firewall to protect servers and websites.

The Cisco ASA is a mix of hardware and software. The whole package so to speak… giving you dedicated hardware with an easy to manage web interface… and like I said, you don’t need to understand any of this when you choose Superb Internet.

In fact, Superb will configure and deploy the firewall in front of your website for you… very affordably.

What Is the Cisco ASA and How Does It Work?

Cisco ASA, short for Adaptive Security Appliance, is a versatile firewall that can be added to any virtual or dedicated server at Superb Internet. Cisco ASA combines software and hardware firewall, antivirus and virtual private network (VPN) features in one.

Keeping your business online and protected is something you don’t want to take lightly.

The right business-owner mindset is to never underestimate the possibility of cyber security attacks! Stop them before they get into your network.

The Cisco ASA is included in Superb’s Managed Services Suite… and like I said it’s extremely affordable.

You can add a Cisco Managed Firewall to ANY existing Superb Internet Cloud or Dedicated Server.

And right now, if you add the 5-in-1 Manages Services plan, you’ll get Cisco Managed Firewall bundled with the following services and save a bundle of money at the same time:

  • R1Soft Backup
  • Vulnerability Scanning
  • OS Hardening
  • Cisco Managed Firewall
  • Proactive Monitoring

You’ll get everything…

… hack prevention
… ransom protection
… data backup
… OS hardening and patch updates
… and a Cisco managed firewall

You get everything you need to SECURE YOUR BUSINESS and protect yourself for a price that’s so low, I don’t want to mention it here for our competition to see.

Login to your customer portal at https://mycp.superb.net/ or contact our sales team for a FREE Security and Data Protection Assessment by clicking the following link: https://www.superb.net/about/contact-us

Security

What would data loss cost your business?

Leave a comment

For many business owners, data protection is an afterthought.

One of the common assumptions is data is secure because it is hosted in the cloud or on a dedicated server.

I’ll be honest with you, nothing has changed because of cloud technology.

Your data is still at risk. Probably more today that at any other time in history. There are simply more people with more access to the Web with bad intentions.

Hackers, malware, and other system invaders try to do one of two things:

#1: Steal your data
#2: Prevent you from accessing your data

Having a bullet-proof data protection and backup solution can help protect you from ‘Ransomware’  and cyber criminals looking to profit from your information. And it’s easier than you think, but I’ll get to that later…

First, let’s discuss how the data in your business is directly effecting your bottom line.

Should your system data become compromised for any reason, it will cost you time and money to restore your business operations to normal.

The only way to minimize the impact of the unexpected event is to have a company backup plan and policy.

For every hour you are offline, you are losing money.

And worse, customers can become angry or frustrated and click away to a competitor.

This is money you can never get back… and the TIME is takes to recover your data is going to be costly.

IT experts charge a fortune to help restore you to where you were (I’ve included some figures on this below).

Imagine a scenario where you lose several days of business. Almost as if you stepped into a time machine and fast-forwarded three days with ZERO revenue in between. Devastating.

A loss of daily revenue can be a death blow to your business.

However, it can be worse… what if your data is lost forever? Could you recover from that?

Imagine if your data was wiped and you were staring at a placeholder for your website. What if your leads were all gone? Customer sales history, addresses, emails, phone numbers… all gone.

Ask yourself how you would handle this potential situation.

Yet, it doesn’t have to be this way and you can protect yourself easily and affordably.

As a business, you already know that standard practice is to justify every expense incurred. When it comes to data backup and protection, here are three clear reasons supported by research that demonstrate the critical nature of data backup.

Consider the following:

1. Data loss + downtime = lost revenue

In this case, the revenue is lost because the amount of time required to recover or recreate the data changes the focus from the day-to-day operations to recovery mode. A certain amount of time will be required even if you have backup systems in place, but the difference in recovery time will definitely impact your revenues. The cost, according to Infrascale.com, is $8000 for a small business and $700,000 for a large business – per hour. Note that these are averages, so the more data dependent your business is, the more it will cost you.

2. Loss of Business Continuity = lost revenue

Business continuity is the ability to continue to make money. Malware or a data breach will grind your business to a halt unless you have adequately prepared for the unexpected event. We only need to remind businesses of the 2012 McAfee antivirus update disaster that affected business and home users alike.

McAfee was not a malware creator but exactly the opposite – a company whose software was supposed to protect your data. The simple truth is that business continuity can always be interrupted.

3. Data Security increases organizational focus

No equal sign here. When an unexpected event shuts down your business, your data needs to be both safe and available. A 2015 Gartner award-winning company reported that 40 percent of IT professionals rated the ability of their company to recover from an unexpected disaster as either fair or poor. Lack of data security will clearly result in employee insecurity, whether it is your own or that of your employees.

What’s the solution?

Most business will fall into one of two groups:

  • Your business has minimal or no data backup plan, or…
  • Your business has a backup system in place

For both groups, the question is if your backup system is adequate from your existing and growing needs.

If your business has no backup plan…

Your business is in dire need of a data backup plan and strategy. Instead of starting with less-advanced technology, begin by using R1Soft as a solution. Data backup technologies employ the same basic framework for saving your critical data, saving it to your server on a period basis by making a duplicate copy. The advantages of the R1Soft solution are more clearly seen once you become a member of the second group… and I’ve got a special offer for you below for implementing a backup strategy with R1Soft.

If your business has a backup strategy in place…

Solutions that were created several years ago and have not kept up with more advanced data backup options should be reviewed. This is common because business owners focus on running their business and presume their current plan is sufficient for their needs. For this group, R1Soft is a solid solution that can be easily added to any virtual or dedicated server.

What is R1Soft?

R1Soft is designed to backup your software continuously as it monitors changes to your system data. The more standard systems backup your data once or twice a day at scheduled intervals. This type of backup requires you to use considerable system resources as it performs the operation, often slowing down the core components of the business.

R1Soft is able to select only the files that require backing up when they change, so instead of having one or two backup points to choose from, you can have literally hundreds.

This reduces load…

Two main advantages to R1Soft is that you will use far fewer system resources during the backup process.

Recovery time will also be decreased when compared to the more traditional backup system software.

There is always a certain amount of time lost during a recovery operation, and R1Soft directly addresses this issue by giving you the largest number of recovery options for your data.

For example, if you need to replicate your data to a remote location it can be done without taking your server offline.

Here’s a simplified process of how R1Soft works:

  • A snapshot of your data is taken
  • R1Soft uses this snapshot as the starting point to continuously monitor changes to the data
  • Backups can be scheduled in increments as short as every 20 minutes
  • Backups can be monitored from a single, web-based console

Best yet, R1Soft is Linux or Windows compatible.

You can add R1Soft Backup to ANY existing Superb Internet Cloud or Dedicated Server.

And right now, if you add the 5-in-1 Manages Services plan, you’ll get R1Soft bundled with the following services and save a bundle of money at the same time:

  1. Vulnerability Scanning
  2. OS Hardening
  3. Cisco Managed Firewall
  4. Proactive Monitoring

You’ll get everything…

… hack prevention
… ransom protection
… data backup
… OS hardening and patch updates
… and a Cisco managed firewall

You get everything you need to SECURE YOUR BUSINESS and protect yourself for a price that’s so low, I don’t want to mention it here for our competition to see.

Login to your customer portal at https://mycp.superb.net or contact our sales team for a FREE Security and Data Protection Assessment by clicking the following link:
https://www.superb.net/about/contact-us

Quincy Solano
Marketing Manager
Superb Internet Corp.

Take a look at the complete list of features R1Soft offers as significant advantages to your company and its current data backup plan.

Continuous Data Protection – Instead of backing up your data through the file system, R1Soft backs it up at the block level, reading the data directly from the disk or volume. This increases the speed of the backup while significantly reducing the use of system I/O resources.

Block-Level Backups – Block-level backups are not affected by the number of files you are backing up. It also enables you to backup open files and snapshot features, so you maximize your available storage space and resources.

Disk Safe Replication – Disk Safe is the feature used to replicate your data to an offsite storage location. Because you do not have to take your server offline to perform the remote backups, you do not have to worry about losing data during the backup process.

Disk Safe Verification – This part of Disk Safe protects your data from corruption through constantly monitoring the transfer. Verification offers considerable flexibility by scheduling it to run either periodically or on demand. Any corruption that is detected will result in a notification to the console operator.

Quick Restore – R1Soft’s Bare-Metal Recovery feature will enable you to perform recovery operations even when you are backing up your files. Complete restoration can be performed in as little as 30 minutes.

Data Retention Policies – You are able to restore data quickly depending on the type and frequency of your backup points. As an example, you can set the backup for every 20 minutes and determine the number of recovery points to retain. The old will be merged with the new, so the storage is recycled.

Control Panel Interface – The online control panel allows you to securely authenticate local of users and give them the ability to backup and restore files. Our CPI integrates with many of the most popular Linux Control Panels, including cPanel, Plesk, and InterWorx.

Multi-Platform Support – R1Soft’s Server Backup Manager supports the following Windows platforms:

Windows
VMware ESX/ESXi
Microsoft Hyper-V
Citrix XenServer
Parallels Virtuozzo
Parallels Cloud Server
MySQL
Microsoft SQL Server
Microsoft Exchange
Linux

The vast majority of Linux variants are supported.

AES-256 Encryption – The AES-256 Disk Safe Encryption technology is available when you create Disk Safes for backing up data and protects your data on the backup and over the network.

If you are serious about your online business, then you need to get a serious online backup solution. An online business that has downtime is much like a brick and mortar business that has its doors locked. Customers cannot gain access, and for an online business that means customers will very likely go elsewhere. R1Soft is the right answer, whether you have no current data backup plan or your existing plan has been ignored and needs a serious upgrade.

You can add R1Soft Backup to ANY existing Superb Internet Cloud or Dedicated Server.

And right now, you can add R1Soft to your existing server for an insane price… and you’ll also receive:

  • Vulnerability Scanning
  • OS Hardening
  • Cisco Managed Firewall

You’ll get all of that hack prevention, ransom protection and data backup for one low monthly price. So low, I don’t want to place it on here for our competition to see.

If you are interested in adding all of the above at a price that’s hard to believe, just contact our sales team by clicking here:
https://www.superb.net/about/contact-us

Sources:
PC World
Infrascale

General, Secured Sockets Layer (SSL), Security

A Crash Course on SSL Certificates – A MUST Read for Every Website Owner

Leave a comment

At Superb Internet, we’re always looking out for you. That’s why we want to take the time to give you a crash course on one of the most important elements to keeping your website safe, secured, and compliant – SSL certificates.

Giving You the Lowdown on SSL Certificates

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant.

Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information, such as a customer’s personal and credit card information. By adding an SSL certificate, you not only protect your business but also increase customer confidence by safely encrypting your customers’ most sensitive data.

For online transactions, an SSL certificate turns sensitive data into encrypted secure code. The web browser then checks the SSL certificate to make sure that the website is legitimate. Once verified, the web browser and server processes the encoded information.

SSL Certificate 1

This helps to ensure that the sensitive data delivered between the web browser and server is handled safely, securely, and that the website is PCI (Payment Card Industry) compliant.

Why Picking the Right Certificate Authority (CA) Matters

Picking the right Certificate Authorities (CA) is integral in the entire SSL process because they’re the ones issuing these digital certificates. In essence, digital certificates, such as an SSL, are small verifiable data files containing identity credentials that help authenticate the online identity of people, websites, and devices.

Each digital certificate includes valuable information like the expiration date of the certificate, the owner’s name and other important information, along with a public key – a value provided by some designated authority as an encryption key.

ssl-5

As a trusted entity issuing these digital certificates, the CA must meet strict and detailed criteria before being accepted as a member. Once accepted, the CA is authorized to distribute SSL certificates.

The longer the CA has been operational, the more browsers and devices will trust the certificates issued by the CA. One important thing to note is that for certificates to be transparently trusted, it must have “ubiquity” where it’s capable of being backwards compatible with older browsers, including mobile devices.

Overall, CAs play a vital role in how the Internet operates today by protecting information, encrypting billions of online transactions, and enabling secure communication. Without CAs, the Internet would not be as transparent and trustworthy as it is and online transactions would be more susceptible to hacks, data breaches, and phishing.

Get the Perfect SSL Certificate(s) to Meet Your Needs

Of course, not all SSL certificates are created equal. To ensure that you pick the right SSL certificate(s) for your needs, it’s important to understand the main differences in regard to its validation level:

Server Gated Cryptography (SGC) SSL Certificates

To begin, let’s start with one of the original secured digital certificates – the Server Gated Cryptography (SGC) SSL certificate. SGC SSL certificates were made available from the mid 1990’s as a means to increase the cryptographic strength of the SSL connection from 40, or 56 bits, to 128 bits.

At that time, the goal was to force weakly encrypted browsers to use the stronger 128-bit encryption method for online financial transactions. Of course, times have changed and SGC browsers, such as Netscape, are obsolete. The once reliable, and unbreakable 128-bit encryption, is now susceptible to new vulnerabilities and are unable to support the ongoing revisions of SSL protocols.

Today, the standard SSL encryption is 256-bit and we recommend anyone with an SGC SSL certificate to replace it immediately with one of the other types of SSL certificates below based on their validation level and security requirements.

ssl-4

 

Organization Validated (OV) SSL Certificates

Organization Validated (OV) SSL certificates are more trusted because the validation process not only requires for the domain to be authenticated but also additional information and documentation to certify the company’s identity.

The CA must authenticate the company against the business registry databases held by the local government to confirm information, such as the entity’s name, city, state, and country to ensure that it’s a legitimate business. Because of this, the entire process can take anywhere from a few hours, to a few days to complete depending on the CA’s validation process.

OV certificates are considered the standard type of certificate for any commercial website because it contains all the necessary information for company validation. By giving people more visibility into who is actually behind the site when they click on the Secure Site Seal (lock icon) located on the address bar, visitors feel more comfortable sharing their personal information with the site.

Domain Validated (DV) SSL Certificates

Domain Validated (DV) SSL certificates are used on public websites and are one of the cheapest certificates to get. The validation process is very simple and is typically performed via email or DNS to confirm that the domain is registered and that someone with admin rights is aware of, and approves, the certificate request.

Since no company information is vetted, the entire process can be complete almost immediately. If the certificate is valid and signed by a trusted authority, the browsers would indicate a successfully secured “Hyper Text Transfer Protocol Secure (HTTPS)” connection in the address bar.

DV certificates are ideal only to those wanting a quick and low cost SSL where organization validation is not a concern. With this in mind, an informed user may acknowledge that DV certificates do provide encryption and security as other certificates but they may still not trust the site with their personal information because no company information has been vetted as part of the validation process.

Extended Validated (EV) SSL Certificates

If you’re looking to go the extra mile in keeping your website(s) safe, secured, and compliant, then Extended Validated (EV) SSL certificates is the perfect solution for you. Unlike the validation process for DV and OV certificates, getting an EV certificate is more difficult because of its strict and stringent authentication procedure that requires domain ownership and additional company documentation, along with other steps and checks. Overall, there are two main phases to the authentication process.

The first phase requires the CA to conduct thorough research to identify the legal entity that controls the website. This is done by verifying the legal, physical, and operational existence of the company. In addition to verifying that the organization’s identity matches official records, the CA must also ensure that the organization has exclusive rights to use the domain specified in the EV certificate and that it has properly authorized the issuance of the EV certificate. Typically, the CA will also obtain an attorney’s legal opinion on the validity of not only the business but also the information provided to obtain the EV certificate.

The second phase assist with enabling encrypted communication of information over the Internet between the website and the user of an Internet browser. By having processes for facilitating the exchange of encryption keys to prevent hacking, phishing and malware, organizations with EV certificates have a vehicle in place to properly address online identity fraud.

Since the validation process for EV certificates are much more in-depth, the entire process can take a few days, to even a few weeks to complete. Plus, CA’s issuing EV certificates must undergo recurring audits to ensure the integrity of the SSL certificate issued.

EV certificates are an ideal solution for businesses that wish to assert the highest levels of authenticity and security. By adhering to the strictest authentication process, any company with an EV certificate is rewarded with a visible “Green Bar” that’s clearly noticeable on any modern browser. This gives visitors and customers the utmost confidence that the site is extremely secured and compliant.

Wildcard (*) SSL Certificates

Wildcard SSL certificates secures your website similar to standard SSL certificates and the requests are processed using the same validation method. These types of SSL certificates are available for most of the validation levels (DV, OV, EV) mentioned above and can help protect an unlimited number of subdomains for a single domain.

One of the key differences is that Wildcard SSL certificates uses “Subject Alternative Names (SANs)” to secure a domain and all of its first-level subdomains. Whereas, a standard SSL certificate will only secure the domain that you bought the SSL certificate for and any subdomains will be left unprotected unless you purchase a Wildcard SSL certificate or additional SSL certificates for each subdomain.

For instance, let’s take www.SSL.com as an example. By purchasing a Wildcard SSL certificate for this domain, all you would have to do is add an asterisk (*) in the subdomain area located left to the common domain name and you can secure an unlimited number of subdomains for *.SSL.com, such as the following:

  • protection.SSL.com
  • safeguard.SSL.com
  • security.SSL.com
  • browsers.SSL.com
  • internet.SSL.com

Overall, Wildcard SSL certificates is a great solution for those with multiple subdomains who want to save time, money, and to make the SSL administration process easier for securing their site. However, the drawback with Wildcard SSL certificates is that each subdomain is not individually protected. So if a certificate is revoked on one subdomain, other subdomains will be compromised and revoked as well.

Always be on the Lookout and Manage Your SSL Certificates

Having an SSL certificate is an essential part in protecting sensitive data in transit. And while SSL certificates provide additional layers of security, it can still be vulnerable and susceptible to attacks. This is where SSL certificate management comes in. You always have to be on the lookout to ensure that the SSL certificates are managed properly.

Proper SSL certificate management requires knowing the status of each certificate across sites, browsers, and networks. Through careful monitoring of these certificates, website owners can prevent major incidents from occurring, such as phishing and data breaches, which can not only be expensive to resolve but also cause long-term damage to your reputation with customers.

Now is the Time to Protect Yourself, Your Business, and Your Customers

Thinking about getting an SSL certificate for your website? Let us help keep your website safe, secured, and compliant. Whether you’re thinking about getting an SSL certificate to encrypt sensitive information, authentication, PCI compliance, to gain your customers trust, or to prevent phishing and data breaches, we have a wide-array of trusted brands to choose from.

ssl-6

Start now and easily compare SSL certificates from major global CA’s like GeoTrust, Comodo, and Symantec. See our latest line of secured, reliable, and affordable SSL certificates below. Get trusted, be protected, and stay compliant today!

Certificate Authority Certificate Name Validation Level(s) 1 Year 2 Year 3 Year
Comodo EssentialSSL DV $11 $20 $28
GeoTrust RapidSSL DV $18 $26 $38
Comodo InstantSSL OV $39 $79 $99
GeoTrust True Business ID OV $119 $199 $289
Comodo EV SSL EV $179 $359 N/A
GeoTrust True Business ID with EV OV/EV $299 $469 N/A
Comodo EssentialSSL Wildcard DV/WC $179 $289 $399
GeoTrust RapidSSL Wildcard DV/WC $129 $249 $369
Comodo PremiumSSL Wildcard OV/WC $199 $398 $597
GeoTrust True Business ID Wildcard OV/WC $499 $998 $1,497

Recommended Validation Level(s):

Domain Validated (DV) SSL Certificates:

DV certificates are ideal only to those wanting a quick and low cost SSL where organization validation is not a concern.

Organization Validated (OV) SSL Certificates:

OV certificates are the standard type of certificate and contains all the necessary information for company validation.

Extended Validated (EV) SSL Certificates:

EV certificates are an ideal solution for businesses that wish to assert the highest levels of authenticity and security.

Wildcard (WC) SSL Certificates:

WC certificates are a great solution for those with multiple sub-domains who want to save time and money.

Secured Sockets Layer (SSL), Security

Keeping Your Website Safe, Secured, and Compliant – SSL Certificates

717 Comments

What are SSL Certificates?

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant.

How SSL Certificates Work?

Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information, such as a customer’s personal and credit card information. By adding an SSL certificate, you not only protect your business but also increase customer confidence by safely encrypting your customers’ most sensitive data.

For online transactions, an SSL certificate turns sensitive data into encrypted secure code. The web browser then checks the SSL certificate to make sure that the website is legitimate. Once verified, the web browser and server processes the encoded information.

This helps to ensure that the sensitive data delivered between the web browser and server is handled safely, securely, and that the website is PCI (Payment Card Industry) compliant.

SSL Certificate Management

Having an SSL certificate is an integral part in protecting sensitive data in transit. And while SSL certificates provide additional layers of security, it can still be vulnerable and susceptible to attacks. This is where SSL certificate management comes in.

Proper SSL certificate management requires knowing the status of each certificate across sites, browsers, and networks. Through careful monitoring of these certificates, website owners can prevent major incidents from occurring, such as phishing and data breaches, which can not only be expensive to resolve but also cause long-term damage to your reputation with customers.

Let Us Protect Your Website

Thinking about getting an SSL certificate for your ecommerce website? Let us help keep your website safe, secured, and compliant. With our easy-to-follow SSL comparison table, you can effortlessly find the right SSL certificate that’s perfect for your website.

Whether you’re thinking about getting an SSL certificate to encrypt sensitive information, authentication, PCI compliance, to gain your customers trust, or to prevent phishing and data breaches, we have a wide-array of trusted brands to choose from.

How do I Install an SSL Certificate for my Website(s)?

Here are the steps to follow when installing an SSL certificate for your website(s) with us:

1. From the “myCP” homepage, click on “Account Options” and select “Order Upgrades / Add-Ons.”

myCP

2. Scroll down to the SSL certificate section and choose the SSL certificate you want, including the quantity and timeframe. Click “Next” once you’ve finalized on your SSL certificate.

SSL certificate section

3. Fill in all the required information on the SSL certificate order form:

  • Contact First Name
  • Contact Last Name
  • SSL Domain Name

            * Note: Enter the domain name using the SSL certificate (usually www.yourdomain.com).

  • Company Name
  • Company Address
  • Company City
  • Company State or Province
  • Company Phone Number
  • Company Postal / Zip Code
  • Contact Email
  • Country

SSL Order Form

4. Please create a Certificate Signing Request (CSR) if you are a dedicated server customer. Follow the link for additional details from SSL vendor for generating a CSR.

CSR Generation

CSR Generation Part II

5. Before submitting the order, please ensure that the email “admin@example.com” exists on your server where “example.com” is the site that you’re ordering the SSL certificate for.

SSL email example

6. Copy and paste the CSR into the designated area on the order form and click “Complete Order.”

CSR Code Paste section

 

 

Start now and easily compare SSL certificates from major brands like GeoTrust, Symantec, Comodo, and Rapid. See our SSL comparison table for additional details.

 

Security

Where is your website hosted?

Leave a comment

It’s important you know where your business is hosted. Very important.

Why?

A few years ago, I toured two data centers. One was owned by a major player in web hosting for more than a decade. The second data center was owned by a smaller web host I had not heard much about.

Both of these data centers were located in the same city just a few miles apart.

The first data center showed promise, it was inside of an old bank building. The tour was met by security at the entrance. We then proceeded to the data center area.

Once in the data center, it was clear this was setup by amateurs.

Cables were everywhere. It looked terrible and worse you had to dodge cables as you worked your way through the facility.

At the back of the DC was an employee with the back door wide open smoking a cigarette.

Anyone could have walked through the back door and had immediate access to the DC. After walking around the building itself, it was clear there was not a backup generator available.

Just a few weeks later, we heard news that this data center was robbed. Someone broke in the back door and removed servers and other equipment. So much for security.

The second data center we toured was located in a bad part of town. This DC was next to a bar and a motorcycle shop.

Nothing special here, just a stand alone office building. The building was divided and on one side of the building was the DC and the other an insurance agency.

During the second tour, we were met by the owner and taken to a back room inside his share of the office building. The DC was nothing more than a back room. The DC had carpet flooring. There was no backup generator. No security to speak of.

The cooling unit? An A/C window unit.

Security? The owner told us the biker shop guard dog would bark (he said this jokingly).

Unfortunately for his customers, this was not a joke.

Worse, the owner didn’t host his own website in this ‘data center’. He hosted it at a competitor.

Why is this important to you? Because, it is VERY IMPORTANT you know exactly where your business is hosted.

If you do not host currently with Superb Internet, you need to start thinking about switching over immediately. If you already host with Superb Internet, I’ll show you shortly why you have made a very wise decision.

First of all, location is everything.

Location, location, location. You hear this saying all the time for brick and mortar businesses. The same is true for where your business website and applications are hosted.

  • Located in a safe section of the city where the DC is located.
  • Located in a DC close to backbone connections and peering points.
  • Let’s not forget about technicians located onsite and ready to help should you need support.
  • Further, security located onsite 24/7 and  guarding access to the data center.

So let’s take a look at what it takes to deliver a first-class Data Center as I give you a brief tour of our SEA2 DC located in Seattle, Washington.

Every picture below are real photographs of the Superb Internet SEA2 Data Center and NOT stock images.

Seattle is one of the best connected high-tech cities in the entire United States. Our SSAE 16 Audited data center, known as SEA2, has multiple diverse-path fiber transport circuits with stable carriers. Security is always a top priority, with leading-edge biometric access control and continuous live video surveillance. In addition, the SEA2 Network Operations Center (NOC) is staffed around the clock with highly experienced Systems and Network Administrators.

Network

Superb Internet’s core network and backbone connectivity consists of 11 core network sites, located in five different states, with three SSAE 16 Audited data centers from coast to coast.

We are ISO 9001:2008 certified, registered and have a ITIL certified staff.

With direct connectivity to all major global Tier 1 backbones and major networks & ISPs, our network has no single point of failure, and offers extremely low latency and no packet loss—resulting in the best efficiency and performance available anywhere.

Our network is fully redundant at every level and entirely fault tolerant, able to withstand major disasters.

superb-network

Like all our other data centers, the SEA2 network is fully fault-tolerant, with redundant carrier-grade Cisco 12008 & 12012 GSR core routers, Catalyst 6500 MSFC distribution B switches, and Catalyst 4912G distribution ‘A’ switches. Separate, redundant power circuits provide both DC and AC power.

Cooling

Keeping the server your business is hosted on is very important. For this reason, the SEA2 DC has a secure outside enclosure, where you can see over 600 tons’ worth of dry coolers for the data center’s air conditioning units. Proper cooling allows processors to perform better and increases longevity of the hardware.

superb-cooling

Onsite Security & Support

Closed-circuit, live video surveillance is monitored 24-x7x365 by experienced, vetted personnel only.

superb-security1

Access to servers is controlled using advanced biometric security systems.

superb-security2

Further, SEA2 is staffed 24x7x365 by senior system & network engineers.

Power

Reliable power ensures maximum uptime. Power is one of the highest expenditures for a Data Center, and this is one area Superb Internet will not take lightly.

Some of the power features of SEA2 include:

  • Power feed provided through a dedicated transformer exclusive to the data center
  • Three 500KVA UPS systems
  • 5MW Caterpillar diesel generator

One of the highlights of SEA2 is the 2000 Amp, 480 Volt, 3-phase, reliable utility power feed and the three N+1 redundant 500k VA UPS & maximum capacity battery systems.

superb-power

Servers

You’d be surprised if you saw what some of our competitors use to host their customers. At Superb Internet, we only use industry standard servers and components.

superb-servers

Staffing

We believe that people make all the difference. Our team consists of network engineers who oversee our entire coast-to-coast backbone network, and technical support engineers. SEA2 data center onsite staff are always available to help you, any time of the day or night.

The data center is sized to house well over 5000 servers. From the office, our onsite staff can get a clear view of the data center floor 24x7x365.

superb-staff

As you can see, there is a lot more to consider than price when you are deciding on where to host your business. Of course, these are just a few highlights of the SEA2 Data Center.

If you aren’t currently with Superb Internet and would like to test drive our Data Centers and our Transparent Cloud, here’s how to test us our for only $2…

Test Drive Superb Internet’s Transparent Cloud and Network

Why not perform a NO RISK test of Superb Internet’s Transparent Cloud? You can test drive our cloud platform featuring 2GB RAM, 2 Cores, 20GB SDD for just $2 for 2 MONTHS!

Better yet, every 20th customer will get 20 YEARS HOSTING at NO COST.

Click the link below to lock your cloud server down for just $2 for 2 months :
=> https://www.superb.net/anniversary-cloud

And to be clear, you’ll get 2GB RAM, 20GB SDD, 2 CORES (CS1S-312) for just $2 for 2 MONTHS… that you can use as a:

… backup server
… dev / test server
… replacement for your current server at your existing host
… or upgrade from shared hosting to a FASTER and more reliable platform
… emergency cutover server

Put Superb Internet to the test and I’m sure you’ll be pleased with our network, data centers, and support staff.