Making the Web a Safer Place with HTTPS
Did you know that beginning in 2017, Google will be making a move to mark all HTTP pages as non-secure? Once only used for payment transactions, all websites will soon be required to have the HTTPS protocol in place as the number of interactions over the internet continuously grows. Starting in 2017, your users will be met with an alarming, red warning sign in the upper left-hand corner of the address bar with the words “Not secure”. This will only occur if your website is still not delivered over HTTPS, and will appear in most major browsers, like Chrome.
The move from HTTP to HTTPS may require some time and effort, but the benefits outweigh all else. With HTTPS, only your browser and the server can decrypt the traffic running between the two parties, decreasing the chance for a malicious third party to sneak into a session and steal sensitive information, or redirect the user to an undesired website.
Some may have hesitated to make the move due to a few common misconceptions on HTTPS:
Myth #1: SSL certificates are expensive.
Reality: Once upon a time, SSL certs were really expensive. Prices have become competitive over the years, and popular websites offer very cost-competitive prices for basic options. The potential cost of a data breach can be much higher than the cost of the certificate itself, so it is a good investment in the long run to prevent this risk.
Myth #2: An HTTPS website will be slower to respond.
Reality: The latency introduced during the HTTPS connection is trivial (< 100ms), and if delivered through a content delivery network (CDN) like ours, the difference is further minimized.
In addition we offer OCSP Stapling for checking the revocation status of certificates. OCSP stapling enables our servers to send OCSP validation in the TLS handshake. This eliminates an extra round-trip connection to the CA to validate the TLS certificate. In fact, OCSP stapling can speed up TLS connection setup times by up to 35 percent. This is accomplished by offloading certificate revocation status to the edge server from the client.
Myth #3: HTTPS websites need a separate IP address, and as a result, have to pay the additional cost for multiple server hosting and increased complexity of maintenance.
Reality: Running TLS with a CDN will minimize costs and eliminate the need for separate IP addresses. Additionally, Verizon is investing in implementing Server Name Indication (SNI) in the network, which will allow us to bundle multiple certificates into one policy, further preserving the limited IP space.
To get started serving secure, HTTPS traffic to your users, simply put your domain, or cname on a TLS certificate. At Verizon Digital Media Services, we are investing heavily in automated infrastructures as this rise to serve HTTPS traffic increases. We leverage a partnership with the well-trusted Certificate Authority giant, DigiCert, making secure connections via their sha-256 certificates.
We’ve built HTTPS into our Edgecast Content Delivery network infrastructure so it is native to our network and delivers great experiences on every screen. Whether you’re trying to secure traffic for dynamic content, static webpage or for video, we offer various SHA-2 TLS certificate types, including Single Domain, Multi Domain (SANS), Wildcard, and even Extended Validation. This will allow us to create and renew certificates while reducing any latency, making it faster for the user to start seeing secure HTTPS traffic.
Get in touch with our sales department today to find out more about our TLS certificate offerings.