The importance of securing your mail, filemaker, file servers for your business and clients. This is something all businesses should take into consideration when creating a new service on their network and this can be helped with the use of SSL/TLS Certificates.
SSL/TLS is a protocol suite for encrypting an arbitrary protocol. This is an important design decision made as the very groundwork of the internet itself was being laid out. Instead of having to build encryption into each and every proprietary protocol (think FTPS), we now have a common framework for forging an encrypted channel, and then sending information through it such that only the sender and the intended recipient have access to that information. This helps prevents man in the middle attacks, where someone sits in between you and the target completely transparently, forwarding information along in both directions on-the-fly but keeping their own copy for nefarious purposes.
But why is this necessary? What does transport encryption buy you? If you have a user authenticate to a service that *isn’t* using SSL/TLS, anyone on the network can sniff your traffic. That means usernames, passwords, bank data, you name it. If you host a service, it’s your responsibility to protect your clients. You can’t guarantee the security of the network they sign in from. This is true for your internal network too. Unless you’re using 802.1X authentication for wired ports, anyone can plug in and sniff away. If someone manages to get onto your wireless network, pivoting becomes a simple matter of waiting for an administrator to login to a service. All protocols that traverse your network should use transport encryption – emails which might contain sensitive information no matter how well you train your users, file servers which could contain people’s bank records and social security numbers, file transfer ( plain old FTP is considered entirely insecure at this point), and even things like LDAP servers, since a user’s password hash can be used in side-channel attacks, and are often as juicy for an attacker as the plaintext password itself, especially in heterogeneous environments.
As you can see, the need for transport encryption has become entirely pervasive. It is always important to secure your services on your business or home network as running services over unencrypted protocols leave you open to attack and leaked information. Malware exists that will infect an arbitrary machine on your network and allow attacks to remotely gather that information. With the aid of properly secured SSL/TLS endpoints, you can rest a lot easier about the security of your data in-flight.
We have partnered with all leading brands in online security to always give you the right solution to your requirements. Working with companies such as Thawte, Symantec and GeoTrust we have a large selection of business certificates available to secure your network and services.
If you have a service you wish to make sure is secured properly, or intent to create a new service such as a mail server of filemaker server on your network, contact Mac Centre today and our team of professionals can help you build a safe and secure network.