Secure Server Information

In the mid 1990's we felt that the whole concept of needing secure servers was marketing hyperbole. In that time period, we did have a Netscape® secure server online for a while but took it offline when it became public knowledge that the Netscape Secure servers were not as secure as many folks assumed them to be. We also used to point out that someone would almost have to have access to a POP or the telephone company central office to to be in a position to look at data packets they should not have access to. And, if someone were looking for sensitive information, the fact that some data was encrypted would be a strong hint that it was special data.

We still feel about the same way. However, there are situations where they really do help protect your data. The immediate thing that comes to mind is transferring potentially sensitive data via a wireless connection. Also, computers are much more powerful than they were even a couple of years ago allowing for much stronger encryption to be used.

At one point in time we were so frustrated with the whole idea of secure servers making a data connection more secure that we were suggesting that our customers use secure servers at other locations so that we would not need to be involved. However, as we mention above, computers are much more powerful now and the explosion of wireless access gives a very strong reason for using secure connections.

Our current thought is that if you are going to use a secure connection for part of your site, use secure connections for the entire site. This simplifies the experience your clients may have with the site.

The following quotation is from the Edupage mail list.

INTERNET SECURITY VS. THE ALTERNATIVES

New York Times journalist Peter H. Lewis says that "sending a credit card number to an electronic merchant over the Internet is probably the safest way to make such a transaction. In the last week, for example, I handed my credit card to a waiter who disappeared with it for five minutes. I faxed my credit card information to a business in New Jersey, and the fax probably lay exposed to everyone in that office for hours and perhaps to the cleaning crew that night. I called a hotel and gave my card data to a reservation clerk and continued my recklessness by ordering some merchandise from a clothing catalogue, again by reading my credit card information to some unseen operator." He concludes that "compared with the risk of handing my credit card to a stranger, which I do nearly every day, sending it over the Internet is pretty secure."
(New York Times 13 Nov 95 C3)

Edupage is written by John Gehl (gehl@educom.edu) & Suzanne Douglas (douglas@educom.edu). Voice: 404-371-1853, Fax: 404-371-8057.
We do not feel that it is appropriate for us to present our concerns in any more detail on public forum like this. However, we are more than willing to explain our concerns to our server customers and help them choose which path(s) to follow.

If you would like a dedicated server, or would like to have your web pages on one of our servers, send an email message to newservice@solid.net with a note about what services you need. Within 48 hours we can usually have a server configured for your needs.

home  www.solid.net

last changed 07-Feb-02