Five SSL Weak Points Every Admin Needs To Account For

May 4, 2016 in Security

If you want to establish a secure link between a web server and a browser, SSL/TLS is the way to go. It’s been the gold standard in web security technology for decades, and remains the most widely used security protocol on the web. Don’t let that lure you into a false sense of security - SSL is important, true, but it’s far from bulletproof.

It has weak points. There are chinks in its armor. And if you aren’t taking measures to hammer those out, then you’re putting your organization - and potentially its customers - at risk.

That’s where we come in. Today, we’re going to go over five of the major weaknesses in SSL. More importantly, we’ll talk about what you can do to secure them.

Let’s dive right in:

  • The Endpoints: The thing about SSL is that it only secures data while it’s being transferred. It provides nothing in the way of at-rest encryption. This means that, if sensitive data is being transferred between server and client, you cannot simply rely on SSL to protect that data. You need to implement server-side (and possibly client-side, depending on your usage scenario) encryption in order to protect yourself.
  • Server Security: As an addendum to the above, how’s the security on your web server? Do you store your passwords in plaintext? Do you run regular malware scans?  
  • Exploits: As noted by Amazon SDM Vinayak Raghuvamshi, SSL itself also contains a number of security weaknesses that make it vulnerable to attacks such as SSL Stripping. He advises pairing SSL with a Layer 5-based tunnelling solution to mitigate any MITM attacks and targeted exploits.
  • Outdated Software: Regardless of which form of SSL you use, you need to do everything in your power to keep it up to date. If you willfully use an older version of SSL, you’re potentially exposing yourself to a wide range of dangerous vulnerabilities.
  • Bad Certificates: Lastly, you need to exercise caution when choosing a certificate authority - due diligence is the key term here. Unscrupulous CAs may break their own authentication for a premium, allowing MITM attacks on their clients.
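
One way to check for the outdated protocol versions from the "Outdated Software" point, as an added example that is not part of the original post: it scans an nginx configuration for ssl_protocols directives that still enable versions the IETF has deprecated. The sample configuration and its host names are constructed for illustration.

```python
import re

# Protocol versions formally deprecated by the IETF:
# SSLv2 (RFC 6176), SSLv3 (RFC 7568), TLS 1.0 and TLS 1.1 (RFC 8996).
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

# Constructed sample configuration, not taken from any real server.
SAMPLE_CONF = """\
server {
    listen 443 ssl;
    server_name shop.example.test;
    ssl_protocols SSLv3 TLSv1 TLSv1.2;   # kept for legacy clients
}
server {
    listen 443 ssl;
    server_name api.example.test;
    ssl_protocols TLSv1.2 TLSv1.3;
}
server {
    listen 443 ssl;
    server_name old.example.test;
    # ssl_protocols TLSv1;  (commented out, must be ignored)
}
"""

# nginx syntax: ssl_protocols <version> [<version> ...];
DIRECTIVE = re.compile(r"^\s*ssl_protocols\s+([^;]+);")


def audit_ssl_protocols(conf_text):
    """Return (line_number, deprecated_versions) for every ssl_protocols
    directive that still enables a deprecated protocol version."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        code = line.split("#", 1)[0]  # drop nginx comments
        match = DIRECTIVE.match(code)
        if not match:
            continue
        enabled = match.group(1).split()
        bad = sorted(p for p in enabled if p in DEPRECATED)
        if bad:
            findings.append((lineno, bad))
    return findings


if __name__ == "__main__":
    for lineno, bad in audit_ssl_protocols(SAMPLE_CONF):
        print(f"line {lineno}: deprecated protocols enabled: {', '.join(bad)}")
```

A server block with no ssl_protocols directive falls back to the nginx default, which depends on the nginx version, so an empty result here does not by itself prove that only current versions are offered.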

So, there you have it - a brief primer on SSL security. Now that you’ve read it, can you honestly say you’re doing everything you can to keep your server safe? If not, seems you’ve got a bit of work to do.
