Login

Secure Sockets Layer

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

SSL secures millions of peoples’ data on the Internet every day, especially during online transactions or when transmitting confidential information. Internet users have come to associate their online security with the lock icon that comes with an SSL-secured website or green address bar that comes with an extended validation SSL-secured website. SSL-secured websites also begin with https rather than http.

SAS 70 Type II

The State on Auditing Standards No. 70 (SAS 70) Type II certificates were awarded to data centers that adhere to the industry’s strictest criteria.

The State on Auditing Standards No. 70, also known as SAS 70, was developed by the American Institute of Certified Public Accountants. AICPA is an association of more than 370,000 CPA members in 128 countries, spanning from industries in public practice, education, government, student affiliates and international associates.

It determines the profession and U.S. auditing standards for audits of non-profit organizations, federal, state, and local governments, and private companies. Founded with the basis of professional ethics and public interest, the AICPA issues out the SAS 70 Certification with confidence and authority to worthy institutions.

Valid E-Signature

Adding esignatures to an electronic document needs to be done so that they are valid. There are several ways in which this is accomplished.

Hashing:

This is a mathematical transformation, not quite waving a magic wand, but almost. Hashing takes the content of a document and creates a ‘hash’ from it – this creates a unique fingerprint of the data.

Authentication of the signatory:

The person that signs the document needs to be identified as being, who they say they are. In the real world this is usually done by a notary checking an identity document, such as a driver’s license. In the digital world, this is done using a digital certificate. Digital certificates are issued by companies called ‘certificate authorities’ and certificates represent a digital version of you. They are composed of two main parts, a private key (that is never revealed but used to encrypt things) and a public key which is used to decrypt something encrypted using the matching private key.

Encryption:

The document hash is encrypted using the private key of the certificate of the user; this makes the actual digital signature or esignature. A timestamp is also associated with the signature at the point of adding it; this is important for non-repudiation.