Skip to main content

'Let's Encrypt' aims to drive adoption of HTTPS

Some of the world's biggest security companies are working together to develop 'Let's Encrypt' - a new certificate authority (CA) offering free and automatically renewable HTTPS web encryption.
Due to launch next summer, Let's Encrypt has been established by Mozilla, Cisco, Akamai, the Electronic Frontier Foundation, IdenTrust as well as researchers at the University of Michigan  - who are working through the California-based Internet Security Research Group (ISRG).
The aim is for the CA to drive the adoption of HTTPS web encryption and to do this by making obtaining the SSL certificate as easy as clicking a button or issuing a simple shell command.
The accreditation is free to anyone who owns a web domain, certificates can be reviewed for transparency, while the security companies behind the project say that the management software installed on web servers proves that the domain holder controls the website, has obtained a browser-trusted certificate and has set it up on their web browser.
In addition, the software enables users to track when the certificate is due to expire and can also help should users want to revoke the certificate.
Labels:

Comments

Post a Comment

Popular posts from this blog

Time to get serious in 2015

Security professionals are faced with the on-going problem of stakeholders under-estimating the security flaws within their organisation. In most cases this is not the failing of the security team but depending on the market/vertical, teams are faced with budget constraints, redundancies, or most commonly, companies not taking responsibility that Security starts within. This means educating internal staff to take responsibility from the moment they walk into the office; I.e. The devices they bring, the doors that they open to 'guests',  the confidential conversations they have in open areas and the general ethos. Furthermore, there is the responsibility of your key suppliers and other third parties that you share information with.  You may have all the IT/Cyber security gadgets and resources you need but what are your suppliers doing with that data? Do they share the same vision for security and are they as vigilant as you? How do you measure that in an effici...
Post a Comment
Read more

ICO Referendum response plus UK Gov recommendations to #DataBreaches and University gets suffers Second #DataBreach

ICO Referendum result response An ICO spokesperson said: “The Data Protection Act remains the law of the land irrespective of the referendum result. “If the UK is not part of the EU, then upcoming EU reforms to data protection law would not directly apply to the UK. But if the UK wants to trade with the Single Market on equal terms we would have to prove 'adequacy' - in other words UK data protection standards would have to be equivalent to the EU's General Data Protection Regulation framework starting in 2018. “With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations and to consumers and citizens. The ICO’s role has always involved working closely with regulators in other countries, and that would continue to be the case. “Having clear laws with safeguards in place is more important than ever given the growing digital economy, and we will be s...
Post a Comment
Read more

Human Error, a common theme in the ICO data breach findings #UK #ICO

The ICO recently carried out a study of the recent security incidents that have been reported or notified to the ICO. It's no shock that data breaches are on the rise with two-thirds of sectors studied reporting an increase in the first quarter compared with the same time a year ago, according to new ICO figures. The data protection watchdog, ICO have shown findings for the period 1 January – 31 March 2016 and uncovered some worrying statistics. Below are the key data security issues for each sector:  Data security incidents by type: The main data security issues within the health sector were: Data being posted or faxed to an incorrect recipient – 22% of incidents. Loss or theft of paperwork – 20% of incidents. The main issues for local government were: Data being posted or faxed to an incorrect recipient – 23% of incidents. Failure to redact data – 16% of incidents. Loss of theft of paperwork – 14% of incidents. The main issues for education were: Los...
Post a Comment
Read more