Posts Tagged ‘ssl certificate’
Thursday, June 24th, 2010
 LuxSci’s SecureForm service enables you to quickly make your web site or PDF forms secure and HIPAA compliant. Receive the form data, including uploaded files, via secure email or download the data securely from LuxSci’s web interface. It also supports insecure form posts and delivery, making the usual form-to-email process easy to setup and protected from form Spam.
Typically, when using SecureForm, your web or PDF form will post to a secure web site address (URL) that is provided by LuxSci in the LuxSci.com domain name. I.e. something like “https://secureform.luxsci.com/perl/post/xxxxxxx”. Once the form data is processed, the end user is redirected to a success or failure web page on your site (for web forms), or is shown a success or failure PDF that you provide (for PDF forms). I.e. under most conditions, the end user will never see the domain name to which the form is posted.
For customers who wish to use their own web site URL for the secure form posts, perhaps something like “https://forms.yourdomain.com/perl/post/xxxxxxx”, LuxSci now has a solution that does not require getting a dedicated server!
Read the rest of this post »
Tags: branding, form post, hipaa compliant, pdf, private labeling, secure form, secureform, ssl certificate, web form
Posted in New Feature Announcements
No comments »
Friday, February 19th, 2010
 TLS stands for “Transport Layer Security” and is closely related to “SSL” (Secure Socket Layer). TLS is one of the standard ways that computers transmit information over an encrypted channel. In general, when one computer connects to another computer and uses TLS, the following happens:
- Computer A connects to Computer B (no security)
- Computer B says “Hello” (no security)
- Computer A says “Lets talk securely over TLS” (no security)
- Computer A and B agree on how to do this (secure)
- The rest of the conversation is encrypted (secure)
In particular:
- The meat of the conversation is encrypted
- Computer A can verify the identity of Computer B (by examining its SSL certificate, which is required for this dialog)
- The conversation cannot be eavesdropped upon (without Computer A knowing)
- The conversation cannot be modified by a third party
- Other information cannot be injected into the conversation by third parties.
TLS (and SSL) is used for many different reasons on the Internet and helps make the Internet a more secure place, when used. One of the popular uses of TLS is with SMTP. See also:
Read the rest of this post »
Tags: AES256, opportunistic TLS, secure, smtp, smtp tls, ssl certificate, tls
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy
13 Comments »
Tuesday, January 5th, 2010
 Creating a web site that has “secure” components requires more than slapping together some web pages and adding an SSL Certificate. All a certificate really does is create a thin veneer of security — one that does not go very far to protect whatever sensitive data necessitated security in the first place. In fact, naive attempts at security can ultimately make the data less secure and more likely to be compromised by creating an appetizing target for the unscrupulous.
So, beyond paying big bucks to hire a developer with significant security expertise, what do you do? Start with this article — its purpose is to shed light on many of the most significant factors in secure web site programming/design and what you can do to address them. At a minimum, reading this article will help you to intelligently discuss your web site security with the developers that you ultimately hire.
Read the rest of this post »
Tags: eavesdropping, https, man-in-the-middle, pgp, phishing, s/mime, ssl, ssl certificate, trust, web site security
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, LuxSci Library: Web Design and Programming
No comments »
Wednesday, December 30th, 2009
Standard SSL Certificates are issued by an Certificate Authority (CA) such as Thawte after the CA performs some basic standard validation on the identity of the certificate request to ensure that the certificate is not issued to “the wrong hands”.
The types of validation performed for standard SSL certificates vary by the type and cost of the certificate, but include:
- A confirmation email message sent to the domain administrator as specified in the domain’s entry in the WHOIS database
- A confirmation email message sent to a standard administrative email address at the domain itself, such as “admin@domain.com”.
- The name of the organization owning the domain name may be validated.
You should purchase SSL Certificates that use the above forms of validation in order to:
Read the rest of this post »
Tags: certificate authority, ev, extended validation, extended validation SSL certificate, ssl, ssl certificate, Thawte
Posted in TechNotes
1 Comment »
Monday, December 28th, 2009
We are often asked by customers why they should pay more for an SSL certificate from LuxSci/Thawte instead of purchasing from a third party provider like Go Daddy. I.e., what justifies the added expense?
There are two key considerations in choosing Thawte SSL from LuxSci:
- The recognition of an SSL certificate from Thawte.
- The benefit of LuxSci managing the order process, installation and subsequent SSL renewals.
Read the rest of this post »
Tags: certificate authority, geotrust, go daddy, godaddy, ssl, ssl certificate, ssl123, Thawte
Posted in LuxSci Library: Security and Privacy
8 Comments »
Tuesday, March 17th, 2009
The situation: your organization needs to collect information from clients through from(s) on your web site, but that information is sensitive. So, you need to be absolutely sure that the information is transferred from the users of your web site to you in as secure a fashion as possible. This means that
- no one but you (or optionally your authorized staff) can intercept or read the information,
- the information is never stored insecurely anywhere
- the information cannot be modified without your knowledge
Why would this high level of security and privacy be necessary? There are many cases where they are essential; some of these include:
Read the rest of this post »
Tags: encryption, hipaa, pgp, phishing, s/mime, secure, secure email, secure web form, ssl, ssl certificate, web form, web site
Posted in LuxSci Library: Web Design and Programming, TechNotes
No comments »
Friday, March 13th, 2009
Section 1: Introduction to Email Security
 You may already know that email is insecure; however, it may surprise you to learn just how insecure it really is. For example, did you know that messages which you thought were deleted years ago may be sitting on servers half-way around the world? Or that your messages can be read and modified in transit, even before they reach their destination? Or even that the username and password that you use to login to your email servers can be stolen and used by hackers?
This article is designed to teach you about how email really works, what the real security issues are, what solutions exist, and how you can avoid security risks.
Information Security and integrity are becoming more important as we use email for personal communication and business. While you are reading this article imagine how security problems can affect your business or personal life…. if they have not already.
Read the rest of this post »
Tags: asymmetric encryption, eavesdropping, email security, false messages, http, identity theft, imap, invasion of privacy, message modification, Message Replay, opportunistic TLS, pgp, pop, repudiation, s/mime, Simple Mail Transport Protocol, smtp, SMTP relaying, smtp server, ssl, ssl certificate, symmetric encryption, tls, Unprotected Backups
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
14 Comments »
Monday, January 19th, 2009
 Our sales staff has been asked this question countless times. It is a natural assumption that because SSL and TLS encryption of email (and web sites) requires use of an "SSL certificate", that one must buy an SSL certificate in order to use such a service. Fortunately, the answer is always
You do not need to buy your own SSL certificate to use secure email.
We’ll explain why.
Read the rest of this post »
Tags: client certificate, email security, encryption, secure email, ssl, ssl certificate, ssl email, tls
Posted in LuxSci Library: Security and Privacy, TechNotes
1 Comment »
|
 |
|
LuxSci’s SecureForm service enables you to quickly make your web site or PDF forms secure and HIPAA compliant. Receive the form data, including uploaded files, via secure email or download the data securely from LuxSci’s web interface. It also supports insecure form posts and delivery, making the usual form-to-email process easy to setup and protected from form Spam.
Email updates:
