Safe and Secure: The Pros and Cons of SSL Security
Safe and Secure: The Pros and Cons of SSL Security
Join the DZone community and get the full member experience.Join For Free
Hortonworks Sandbox for HDP and HDF is your chance to get started on learning, developing, testing and trying out new features. Each download comes preconfigured with interactive tutorials, sample data and developments from the Apache community.
Security remains a top priority for businesses, especially with the recent rash of security breaches that have hit major corporations, costing upwards of tens of millions of dollars. Needless to say, if companies don’t take issues of security seriously, they’ll likely have to pay for it in some form in the future. One of the most common and popular forms of computer security is that of SSL (secure sockets layer), and that proliferation is only expected to continue to grow. In fact, one report shows that more than a third of all applications used by businesses use SSL for encryption. SSL almost seems like a necessary ingredient of a successful enterprise, and while it does have plenty of benefits, there are some drawbacks that come with it. Each business needs to weigh the pros and cons to determine if SSL is something they need to adopt.
One report shows about 34% of business applications use #SSL for encryption.
Without SSL, e-commerce simply isn’t as secure, and since businesses depend on keeping customers’ information hidden, encrypting that data is of the utmost importance. Transactions over the internet usually involve passing through multiple computers before arriving at the intended destination. SSL effectively encrypts this vital information, making sure it’s unreadable by everyone except the receiving server. SSL certificates also provide proper authentication, which ensures information being sent over the web only goes to the right server. From this explanation, it’s easy to see one of the major benefits of SSL is how it protects customers’ information and data, providing a greater degree of security and privacy when handling their transactions. It’s also a factor that customers can actually see happening. Sites that use SSL will have their web address change from the “http” protocol to the “https” protocol. This is also accompanied by the graphic of a padlock in the browser bar, providing a visual cue to customers and clients and letting them know their information is protected. By using SSL, businesses can gain more trust and confidence from customers since they’ll know companies take their information seriously and are doing what they can to protect it. Without that level of security, it’s very likely that customers will look elsewhere for online services and needs. SSL can also protect customers and businesses from phishing scams. These scams usually try to imitate websites, but without an SSL certificate (which is hard to obtain), a perfect impersonation is almost impossible.
Increased security and privacy are certainly big benefits to using SSL, but what are the drawbacks? There are several disadvantages that come with adopting SSL that businesses should examine. The first is the overall cost of installing SSL security. SSL vendors provide a highly sought-after product, which means they can usually charge high prices for their services. Plus, the process of implementing SSL usually requires the installation of an entrusted server, while also validating the identity of the business, which can take time. Installation of the system is also a complex undertaking, one which can be difficult at times for those with limited knowledge in security technologies. Installation requires following specific instructions from SSL vendors and may require some trial-and-error on the part of the business. Even after becoming secure through SSL, businesses need to remember to renew their SSL certificate, which can expire every one to five years depending on the certificate. If renewal of the certificate doesn’t take place, the business’s website will display an error message alerting users to this fact. Another drawback is the performance issues which can take place for websites with SSL protection. Since running SSL requires more resources on the server’s part in order to encrypt sensitive information, website performance may suffer, at least for those sites that have a lot of visitors. Also, since SSL is fairly common, attackers have devised ways to get around it with banking Trojans. In fact, a Trojan program is blamed for playing a role in the major security breach that stole customer information from Target, despite the company’s use of SSL and other security measures.
While these disadvantages of SSL should definitely be considered, many of them can be overcome. Performance issues can be addressed with specialized hardware. Prospective attackers can be stymied with selective decryption. Overall, the advantages that come with SSL are too strong to ignore. If businesses are looking to protect their customers’ data and maintain a safe online operation, SSL is one incredibly useful tool that should be a part of every company’s internet strategy.
Opinions expressed by DZone contributors are their own.