Symantec: Using Always-on SSL/TLS to Maximize Web Security and Enhance the End-user Experience
|As great as the Internet is for adding depths to business applications and enriching relationships through social media, a trade-off exists—intellectual property and personally identifiable information (PII), such as debit and credit cards, are potentially exposed. Adding depth and function to Web applications and websites also increases the opportunity for cyberattacks and makes websites and end users more vulnerable.
Encryption is increasingly being adopted as Web properties look to improve security, https:// or data-in-transit. Hypertext Transfer Protocol Secure (HTTPS)-enabled websites ensure privacy of the bi-directional communications between websites and their visitors through the Internet by encrypting the communications. While these communications could conceivably be intercepted by a third party, they are difficult to decipher without the proper decryption keys. Certificate Authorities (CA) issue SSL/TLS certificates, which include public keys, identity information, and other data.