Internet site security requires a layered approach, at least if you want to sleep well at night! No single layer provides 100% protection. Encryption ensures that no one can “listen in” on a conversation between a browser and a web server. However, hackers may be able to divert or send a user to a fraudulent site pretending to be yours. If you operate an e-Commerce site, your site visitors need to be assured that your site is exactly what it purports to be. That is what assurance is all about. A high level of assurance is required with your SSL protection so that site visitors have the confidence to do business with you.
Does encryption plus assurance equal 100% protection?
Not quite. It’s close enough that Comodo can offer generous warranties.
However, there have been some very rare cases where the certificate validation system has been compromised. More important, however, is that your network and web server must also be protected to ensure that hackers do not compromise web pages and page objects.
In addition to strong network firewalls, your site should undergo a regular vulnerability scan from a service such as Comodo HackerGuardian. HackerGuardian PCI Compliance Scanning is a vulnerability assessment scanning solution designed to achieve and maintain industry compliance and retain the ability to accept card payments. Using a secure online interface, administrators can remotely run scans to PCI standards on their externally facing IP addresses that touch the credit card acceptance, transmission and storage process.
Since a network is only as vulnerable as its weakest link, it is important that a company also use an Endpoint Security Management System, such as Comodo ESM. Comodo’s new CESM 3 platform provides Comodo’s top ranked anti-malware suite that proactively protects your servers, workstations, laptops and netbooks, while offering advanced, real-time management and control over critical system resources.
The bottom line is that securing your web site and protecting your customers begins with SSL encryption and assurance, but a comprehensive and layered approach is required for complete protection of your site.