Web Hosting Provider Go Daddy’s Rapid Growth Extends To EV SSL Certificate Market

August 5, 2011 – (HOSTSEARCH.COM) – Go Daddy, the world's largest provider of Web hosting, domain names and net new SSL Certificates, leveraged its pricing and unparalleled customer care to become the second largest EV SSL certificate provider in the world ... showing how giving customers what they want is a winning proposition.

According to a report issued yesterday by leading industry analyst, Netcraft Ltd., "Go Daddy's continued strong growth has caused it to become the second largest EV certificate authority this month." Netcraft's report also states Go Daddy was the fastest growing domain validated SSL provider in the market.

"Our rapid growth in the EV SSL market demonstrates how important it is to give customers what they want - a reliable product at a great price," said Go Daddy President and COO Warren Adelman. "Go Daddy Certificates cost up to 15 times less than our competitors. Our customers know Go Daddy Certificates provide the same industry-standard security as other companies, but are backed by our industry-best customer support." 

Go Daddy began providing SSLCertificate in 2004 with a dedication to its core principles - affordability, ease of use and world-class 24/7 customer care. In 2007, Go Daddy helped draft the guidelines for Extended Validation (EV) certificates, helping improve the security for online transactions dramatically. In June, Go Daddy announced it had surpassed 500,000 SSL certificates under management.

SSL certificates encrypt transactions between servers and browsers to ensure data is kept secure. The process to obtain an SSL certificate varies based on the kind of certificate purchased. Go Daddy's Premium SSL Certificates, or Extended Validation Certificates, require the highest level of identity verification prior to issuance. A site secured by an Extended Validation certificate displays a green address bar in most browsers, along with the organization to which the certificate was issued.

With one-third of the Internet running through its DNS servers, Go Daddy recognizes the role it plays in Internet security. Go Daddy provides an entire security solution - products like SSL certificates and Premium DNS, which protect against traffic redirection and DNS poisoning, help website owners, and visitors alike, stay safe online.

About The Go Daddy Group, Inc.

Go Daddy is a leading provider of services that enable individuals and businesses to establish, maintain and evolve an online presence. Go Daddy provides a variety of domain name registration plans and website design and hosting packages, as well as a broad array of on-demand services. Go Daddy has more than 40 cloud-based products and services. These include products such as SSL Certificates, Domains by Proxy private registration, ecommerce website hosting, blog software, search engine optimization utilities, podcast packages and online photo hosting. The Go Daddy Group has more than 49 million domain names under management. Go Daddy registers, renews or transfers more than one domain name every second of every day. GoDaddy.com is the world's largest Web hosting provider and is the world's No. 1 domain name registrar according to Name Intelligence, Inc. In 2010, The Go Daddy Group registered more than one-third of all new domain names created in the top six generic top-level domains, or gTLDs, including .com, .net, .org, .info, .biz and .mobi.


Source URL:-http://www.hostsearch.com/news/the_go_daddy_group_inc_news_10761.asp

Alternatives to Wildcard SSL

When browsing the Internet, you may notice that some websites include a padlock next to the URL. This signifies that that website is secured by an SSL certificate, which is short for "Secure Socket Layer." The certificates are used by website developers to encrypt data transmitted on websites. For example, you should be using a SSL Certificate if you will receive customer's credit card or other sensitive information on your website. There are several alternatives to Wildcard SSL.

1. GoDaddy SSL Certificates

   • GoDaddy offers standard and premium SSL certificates that are used to secure websites. According to the site's description of the two options, the standard certificate validates domain ownership, and secures the site "within minutes." Unlike the premium version, the standard version does not offer a green address bar, which alerts visitors that the site is secure. However, it does offer the padlock icon for covered domains.

   Symantec SSL Certificates

   • Symantec offers more than 70 percent of the SSL certificates on the world's top 1,000 domains. Symentac's offers SSL certificates through its VeriSign service. It also includes daily malware scanning, ensuring that visitors machines will not be infected by visiting your site. Finally, the VeriSign SSL certificates offers the green address bar and the padlock.

   GeoTrust

   • GeoTrust is another option for SSL certificates. The website lists six different SSL certificate options. They are the True BusinessID, True Business ID with EV SSL, True BusinessID Wildcard, UC/SAN and GeoTrust QuickSSL Premium. Each certificate option offers varied features. For example, the True BusinessID certificate offers full authentication and a GeoTrust site seal, while the True BusinessID with Extended Validation offers the same features with an extended warranty.

   Network Solutions

   • Network Solutions also offers five different SSL certificate options: Limited Verification, Basic and Advanced Business/Organization Verification, along with Wildcard SSL Certificate and Extended Verification. The major differences between these are the degree of warranty for each package, along with the difference in organization sizes. For example, large organizations may prefer the "Wildcard" or the "Extended Verification," which both include a larger warranty than the smaller packages. Each also offers the browser padlock and a site seal.

     
     

     Source URL:-http://www.ehow.com/info_10019876_alternatives-wildcard-ssl.html

Facebook and Two Factor Authentication (2FA) - for better or worse?

The recent news around Facebook security and the visibility in the media of identity loss stories have some positive outcomes - end users are slowly being introduced to new terms and security concept by companies such as Google, Facebook and Dropbox in an attempt to educate the Internt population about security.

As technologists, we don't make it easy for users to understand technologies when we have so many acronyms and catchy (for some) code names. Most users wouldn't have any idea what SSL, TLS and HTTPS stand for, let alone care about the differences between them, and many don't understand that websites with a https:// and a gold coloured browser lock may be secure, but may not be a trustworthy place to provide your personal details. https certificates are cheap, and many phishing websites use them to convince users they are trustworthy.

The challenge of educating users so they make a fewer number of security impacting errors needs continued effort by providers of Internet content services from Amazon to Google to Microsoft to Yahoo, as well as support from Governments and action groups like the Australian Safer Internet Group.

On Wednesday 26th of January 2011 Facebook announced the release of several new tools to help users stay safe while using the site. Most interestingly, users are now able to enable two factor authentication (via an SMS token) to add an additional layer of security to logins, as well as browse the Facebook site via https. These changes are in addition to the Account Settings released late 2010 which enabled registration and tracking of Facebook logins and the ability to remotely 'end' a Facebook login (the ability to end sessions via SMS is not currently available to Australian users).

The two factor authentication process works as expected. If enabled from the Account Settings section within Facebook, users enter their email and password and are prompted to enter an additional code that will verify them as the account owner. An SMS code is sent to the users registered phone number and the user session is allowed access to Facebook. The site uses the mobile phone number from the Facebook user's profile.

Once the session is established, the time and date details of that session along with rudimentary geolocation information is also collected by Facebook. This allows users to check where logins to Facebook have been originated and gives users a clearer understanding of whether their account has been compromised through the loss of their password.

Paul Ducklin, from security vendor Sophos, approves. "The new feature means that you'll get warnings about unauthorised access attempts pushed to you. Furthermore, the crooks won't be able to login because they won't have the magic code in the SMS which is needed to proceed."

However, during the recent AusCERT2011 conference on the Gold Coast Amit Klein of Trusteer added another two acronyms as he warned that the criminals were targeting smartphone devices to specifically intercept SMS token security technologies; MITMO for 'man in the mobile' and ZITMO for 'zeus in the mobile' may not have caught on widely in daily banter but as concepts present a challenging threat.

Malware which takes over the device used for what would otherwise be considered 'out of band' (a mobile phone) and works hand in hand with malware which is installed on the PC is a truly scary idea.

A number of security vendors are working on anti-malware and anti-virus solutions for smartphones. This includes Kaspersky Lab who provide protection for Android, Nokia Symbian OS and Windows Mobile devices. Kaspersky Mobile 9 also offers the ability to locate a lost phone via GPS, local encryption of contacts, the ability to block outgoing SMSs with whitelists and blacklists, and a remote wipe function.

Kaspersky Mobile 9 was clearly a response to user requests. Sergev Nevstruev, Director of Mobile Services at Kaspersky Lab stated "We always listen to our clients' preferences and desires, whether in connection with the capabilities of our solutions, or our distribution channels".

Facebook’s two factor authentication (2FA) implementation does have potential limitations, once you log in from one computer and provide the 2FA authentication authorising that machine and browser combination you never need to re-authenticate with an SMS token for that machine/browser again.

Sessions from an iPhone using the Facebook app didn't register against the devices Facebook had recorded, although Facebook forced the Facebook app to login using the account username with an SMS token instead of a password once Account Security was enabled.

Ducklin continues. "It's a pity Facebook isn't offering an option to let you enable 2FA every time you login. It would be even nicer if they added a token-based option (and they'd be welcome to charge a reasonable amount for the token) for the more security-conscious user." Some banks, such as the Commononwealth Bank, provide security hardware tokens which require the user to enter a 6 digit number which the device produces at the push of a button.

So are users catching on? Only time will tell but compared to a couple of years ago your users are more likely to understand Internet security concepts because of the non-work applications they use from their home computers and that makes the job of an enterprise security architect just a little easier. 

TheSSLstore.com provide the EV SSL Certificate at discounts through its Platinum Partnership with VeriSign, GeoTrust, Thawte, and RapidSSL, offering SSL certificates at steeply discounted rates, 24/7 support, and a 30-day money back guarantee. TheSSLstore is one of the largest and most trusted SSL certificate providers globally, with clients ranging from NASA and IBM to thousands of small businesses.

Source URL:-http://searchsecurity.techtarget.com.au/news/2240036132/Facebook-and-Two-Factor-Authentication-2FA-for-better-or-worse