Keeping Your Web Site Secure

Given all the various threats today against web based services, there is no one solution for keeping you site secure. Today, I am discussing how to manage the "Keys to the Kingdom" also known as your web site identity and encryption (SSL) certificates. These certificates, if stolen from your web site, would allow any miscreant the ability to digitally take the identity of your web site in such a way your customers would have little to no defense over.

Most web sites store their keys on the web server and protect the keys (certificates) by encryption. While encryption is good, any good hacker can break most encryptions given enough time. Since you will likely not change web site certificates frequently, this poses a significant risk to your site.

There is a solution in the form of FIPS certified Hardware Security Modules (HSM). HSMs can either be embedded into a physical server or connected to the network. HSMs are designed as a "Fort Knox" to securely store your web site certificates. When using a HSM, the web site refers SSL connections to the HSM for all setup including selection of the encryption algorithm and creation of the symmetric encryption key for that specific SSL connection. The HSM securely delivers the SSL session encryption key to the web site which then uses it to create the encrypted connection from the user's browser to the web site.

Information Assurance considers confidentiality, integrity and availability as core tenants. HSMs and SSL help address confidentiality and integrity concerns, while a properly architected solution with minimal or no single points of failure address availability concerns. In today's complex world of physical/virtual/cloud computing and private/public/hybrid architectures, achieving availability is almost impossible without the use of load balancing/application delivery controller technologies.

KEMP Technologies delivers the lowest cost, easiest to use, most compute flexible, and technically innovative solutions to enabling availability across all computing environments and architectures. Our LoadMaster solution is enabled to consume services from networked HSMs and can offer you the ability to load balance not just within a single data center, but also across any number of data centers built on any number of architectures. This enables organizations to achieve exceptional availability at commodity pricing levels.

To learn more visit us at https://kemptechnologies.com.