Friday, October 29, 2010

3 Tips To Protect Yourself From Internet Hacked

Like never before ,we are living in the age of the digital,the world of Internet is in the super high speed ,information overload,the would without boundaries.We have enjoyed lot of high tech communication benefit,such as easy access to medical records, online shopping and billpay, cellphones with Internet access,etc.

It's true that The Internet is one of the great bastions of freedom and innovation in our civilization.But on the other hand ,the ease with which you can access and share your information has created a new breed of criminal.

If you have private information on the web or your computer, you can rest assured some unscrupulous person is trying to access and reuse it for their personal gain. That's why being security savvy in the online world is so important!

Below listed some of the tips on how you can protect yourself online from malicious hackers, computer viruses, and software vulnerabilities:

1.Passwords: Change your passwords frequently and avoid using the same password for all of your logins. Also, choose a password that won't be easy for outsiders to deduce. Avoid using birthdays, anniversaries, last names, pet names, or family member names as the basis for your password.

You can increase your password strength by intermixing capital letters, numbers, and symbols with the actual word. For instance, instead of "calculator" try "c@lcul@T0r"--a substantially stronger password and less likely to be hacked.

2. Keep your personal information Privatee: We love how new social media outlets such as Facebook® and MySpace® keep us in touch with friends and family. However, if your privacy settings aren't configured correctly, you may be unwittingly sharing your personal information with a broader audience than you'd intended.

For those of you who've used these sites to post information such as your birthday, home town, current address, email address, work history, educational history, and even pictures labeled with the names of your family/friends/pets, you've potentially made a goldmine of personal data available to identity thieves. Keep your information secure by regularly reviewing and revising your privacy settings on social network sites.

Alternatively, reevaluate how much of this data you really need to post online. Do you really need to share your home address and phone number? Consider providing this information only upon request and send it to friends or family via private message rather than posting it on a virtual wall.

3. Secure your computer: Anti-virus and firewall software are critical components in the fight to stop computer viruses and eliminate software vulnerabilities. A variety of solutions exist; choose one that fits within your budget and provides the security you need. But before you purchase any software, contact your Internet provider to see if they offer a solution. Some Internet providers, such as Comcast, provide free anti-virus protection for their customers.

Most importantly, keep your virus protection up-to-date and ensure it is properly configured. New threats are discovered every day and failing to keep on top of updates may leave you vulnerable to attack. To avoid this, set the system to automatically update for you..

Rise the awareness of you computer safety,hacker and scammer are everywhere.There are closer than you think..

Friday, August 6, 2010

SSL Certificates Reports And Renewals

 These is the step 5 of 6 Steps To Single-point Control SSL Certificate

STEP 5. Run Regular Reports On Available Units And Renewals.
Access to real-time information about enterprise-wide SSL Certificates helps system administrators better manage their time and resources. I

nstead of tracking certificates in a spreadsheet, summary and detail reports show the actual unit inventory across the enterprise by certificate status: all requests and certificates, pending, approved, rejected, valid, revoked, deactivated, expired, or expiring.

A renewal report with 90, 60, and 30 day alerts helps an administrator plan the quarterly budget for SSL Certificate renewals. Administrators may customize detailed certificate usage reports by organization or administrator. Audit logs record detailed history of all administrator actions related to every issued certificate.

Output: Better resource allocation and oversight.


These is the Final step of 6 Steps To Single-point Control SSL Certificate

STEP 6.Revoke and replace certificates as needed.
Consolidated inventory and management tools make it easier to revoke and replace certificates. If a private key is lost or compromise or if a server crashes and a certificate is deleted, the administrator can revoke the certificate and issue a replacement.

Output: More control over lost or missing certificates.





Source:VeriSign  
Taking Control of SSL Certificates While Improving Security and Reliability

Define Administrative Multiple SSL Certificate

  This is the step 4 of 6 Steps To Single-point Control SSL Certificate

4.Define An Administrative Process For Your Organization.
An enterprise certificate management account enables authorized administrators to purchase multiple certificate units at one time for issuance, as needed, throughout the organization. The administrator defines a process to streamline administration according to the desired level of control, including: who has what privileges, how enrollment works, and who receives what type of notifications.




Tcertificate management system should have the flexibility and customization tools necessary to tailor it to your environment. Role-based access control and dynamic assignment of privileges help enforce the administrative process. Administrators log in to the system with unique credentials to perform the lifecycle tasks available to them based on their role and organizations.


 To request an SSL Certificate, a subscriber visits an enrollment page and completes a Web-based form. The certificate may be instantly approved or rejected or set as pending, depending on the pre-determined administration rules. Domain blocking prevents subscribers from purchasing individual certificates for managed domains by redirecting them to the managed account enrollment page.

Pre-set notifications help streamline the process and alerts keep administrators informed. Expiration alerts, sent as emails or text messages, may be sent to several administrators and an alias account.


When the number of available certificate units drops below a set number, the administrator receives a replenishment alert to purchase more. Pending alerts let administrators know when they need to log-in and review requests. Confirmation emails notify administrators of instantly-issued certificates.

Output: A clearly articulated administrative process integrated into the management system.


NEXT: Run Regular Reports On Available Units And Renewals.



Source:VeriSign  
Taking Control of SSL Certificates While Improving Security and Reliability

How To Migrate All ssl Certificates

This is the step 3 of 6 Steps To Single-point Control SSL Certificate

STEP 3.Migrate All Certificates Into A Managed Account.
If the enterprise requires 10 or more SSL Certificates, consolidating certificates into a single, managed account may save time and money. As current certificates approach their expiration date, replace them with units from the primary managed account.

Select a primary management account for consolidation that supports all types of certificates required. Today’s SSL Certificates offer a range of encryption strengths and authentication levels. But many SSL enterprise management tools require a different log-in for each type of certificate.

As the organization grows and the number of administrators increases, managing multiple accounts for different types of SSL Certificates will become cumbersome unless you have single-point control. 

Output: A single, managed account for all certificates within the enterprise.


NEXT:Define An  SSL Certificate Administrative Process



Source:VeriSign  
Taking Control of SSL Certificates While Improving Security and Reliability

Confirm Contact Information On All SSL Certificates.

This is the step two of Six Steps To Single-point Control SSL Certificate

STEP 2.Confirm contact information on all certificates.
Confirm contact information on all certificates. During the enrollment process for most SSL Certificates, the purchaser provides contact information for a Technical Contact, including name, phone number, and email address. The Technical

Contact plays an important role in the authentication and renewal process. If that person leaves the company without reassigning their responsibilities, renewal notices may go to the wrong address.

If a certificate expires, a critical service may be disrupted. Updating contact information with an alias, such as ssladmin@yourdomain.com, ensures that messages will reach an active administrator.  

Output: Up-to-date contact information on all certificates.

Next :Migrate all SSL certificates







Source:VeriSign  
Taking Control of SSL Certificates While Improving Security and Reliability

Six Steps To Single-point Control SSL Certificate

 A Guide to Single-Point Control   
What begins as a single Web server can quickly grow into a server farm, and what began as a local company can quickly become a global enterprise. Such growth requires systems administrators to suddenly manage several administrators. Before such a crisis hits, an organization should take control of SSL across the enterprise and create a better management system following these six steps.

+ Six Steps To Single-point Control 
This guide shows IT professionals how to consolidate their SSL Certificates into a single, Web-based management system using VeriSign® Managed PKI for SSL to acquire, issue, and manage all types of SSL Certificates across the \whole enterprise.

1. Perform an audit of all domains and SSL certificates.

2. Confirm contact information on all SSL certificates.

3. Migrate all SSL certificates into a managed account.

4. Define an  SSL Certificate administrative process for your organization.

5. SLL regular reports on available units and renewals.

6. Revoke and replace SSL certificates as needed









Source:VeriSign
While paper :Taking Control of SSL Certificates While Improving Security and Reliability

Perform an audit of all domains and certificates

 Part 1.  Perform an audit of all domains and certificates.
The SSL Certificate audit should note the location, expiration date and validity period, the vendor, and the contact listed for every SSL Certificate in your enterprise. Whether starting from scratch or validating an existing list, anyone who might have purchased an SSL certificate should be notified of the audit and be asked to contribute information. In addition to domain and Web servers, certificates may also be used to secure applications such as mail servers.

The NSLookup tool maps domain names to IP addresses to help find the location of missing certificates. If a certificate cannot be found or is no longer needed, be sure to revoke it to prevent misuse.

The audit is a good time to evaluate the type of certificate used and make sure it meets your current needs. Would a highly visible, public Web server benefit from an upgrade to a new SSL Certificate that meets the CA/Browser Forum Extended Validation Standard? Does the intranet need SSL protection?

To request an SSL Certificate, a subscriber visits an enrollment page and completes a Web-based form. The certificate may be instantly approved or rejected or set as pending, depending on the pre-determined administration rules. Domain blocking prevents subscribers from purchasing individual certificates for managed domains by redirecting them to the managed account enrollment page. Pre-set notifications help streamline the process and alerts keep administrators informed. Expiration alerts, sent as emails or text messages, may be sent to several administrators and an alias account.

When the number of available certificate units drops below a set number, the administrator receives a replenishment alert to purchase more. Pending alerts let administrators know when they need to log-in and review requests. Confirmation emails notify administrators of instantly-issued certificates. Output: A clearly articulated administrative process integrated into the management system.


Output: A complete list of all domains and certificates.


Quote From The VeriSign While Paper: Taking Control of SSL Certificates While Improving Security and Reliability