Ports Group – English / Blog / SSL/HTTPS School 3 out of 3 – “Safe management of SSL-certificates minimises the risk of business critical consequences”

28, May 2020

SSL/HTTPS School 3 out of 3 – “Safe management of SSL-certificates minimises the risk of business critical consequences”

Websecurity
English
pll_61810e56bcc85
3-en

This is the third and final post in our campaign to raise awareness and knowledge about SSL-certificates and HTTPS.

In the first post, we discussed the basics of SSL/HTTPS. Our conclusion there was that a using SSL-certificates has gone from being an exception to becoming a rule. Read the first one here.

In the second one, we discussed the different types of SSL-certificates, and why those differences actually are important to be aware of. Our conclusion was that the higher the level of SSL-certificate, the more value added to your brand. Read the second one here.

In this post, we will conclude this campaign by discussing the perhaps least discussed aspect of SSL-certificates, how to safely manage them in order to avoid potentially business critical consequences.

Risks

SSL-certificates are usually registered:

  • At various points in time
  • For various periods
  • At different providers
  • By different people

This makes managing certificates, even across a small organisation, very difficult. Not to mention how complex it gets when it comes to larger organisations.

The two single greatest risks associated with certificate management are:

  • Improper implementation
    Improper implementation can actually be worse than not having an SSL-certificate in the first place.
  • Poor certificate management
    Poor management of certificates can have business critical consequences. Everything from external effects such as unreachable websites and damaged reputation, to internal effects such as incapacitated employees and/or leaked confidential documents.

What happens when/if an SSL-certificate runs out?

When a certificate is not renewed, the encryption is no longer ensured and therefore no longer secure.

SSL-certificates run for a finite period, up to one year. A common misconception regarding SSL-certificates is that that they are “renewed”. In practice, an SSL-certificate needs to be replaced with a new one. However, in some cases a certificate needs to be replaced long before its expiration date.

The most evident use of SSL-certificates is the previously mentioned transition from HTTP to HTTPS on a website, recognizable by the nowadays iconic padlock in the browser address field. The effect of a non-functioning SSL-certificate for websites is painfully clear when it happens. The entire link structure on the site is based on HTTPS, not HTTP. When the SSL-certificate for the site is not renewed, the entire site becomes unreachable for visitors since the protocol is not supported.

However, many forget that SSL-certificates are not just used for encrypting the traffic between a website and its visitors. SSL-certificates are actually used in a number of different ways, for many different purposes. For example VPN-connections, applications, cloud services, server to server communication and so on. Failing to manage SSL-certificates can affect a company’s entire infrastructure.

An example of this is the recent Oculus Rift service outage in March 2018, caused by an expired SSL-certificate.[1]

These sorts of service disruption can affect customer loyalty!

Best procedure for managing SSL-certificates

At Ports Group, our aim is to ensure the same secure management of SSL-certificates as with domain names and trademarks. For maximum protection against certificates failing because of poor management, our recommendation is to always consolidate your certificates.

Let our team of experts help you with a plan for a more secure certificate management according to the following stages:

  1. The analysis
    In collaboration with you, we analyse your current certificate situation. Which certificates are there? From which providers? And so on. The analysis is summarized in a document containing a recommended action plan for optimizing the current certificate management.
  2. Creating control
    Based on the action plan, we enable the client to make sure every certificate is under control, with the aim of every certificate being managed by Ports Group for total control and security.
  3. Ongoing certificate partnership with portfolio management
    Ports Group is a Platinum Partner of Digicert, and we have the ability to provide our clients with a smooth and secure certificate partnership, with one dedicated contact and safe management.

Want to check if you have an SSL-certificate?

We recently launched a free analysis tool named besafe.online. The tool primarily checks your site for an SSL-certificate, but also provides additional information related to the security of a site. For example, if the site has DNSSEC and DMARC implemented.

Click here to get to the tool:

besafe-online

Sources:

[1] https://www.theverge.com/2018/3/7/17092084/oculus-rift-headsets-stopped-working-expired-certificate

Related reading

Ports Group BRANDIT Metaverse

What is the Future of Trademarks in the Metaverse?

Trademark
English
23, May 2023
Challenges of protecting trademarks within the Metaverse: Increasing wave of trademark requests for virtual goods...
Läs mer
Increased DDoS attacks - how to prevent

Increased DDoS attacks – what can you do to protect your company

Websecurity
English
16, May 2023
Compared to the previous year, the number of DDoS-attacks has grown by 150 % in 2022 on a global basis. And the tr...
Läs mer

SSL/HTTPS School 2 out of 3 – “What types of SSL-certificates are there, and which should we use?”

Four times greater risk for phishing if you haven’t applied a DMARC policy

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At Ports Group AB, corp. ID no. , we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all