Archive

Archive for the ‘Security’ Category

Why opt for PST to NSF Conversion?

September 24th, 2009 admin No comments

MS Exchange 5.5 is used the world over by millions of small and large businesses and other organizations. If they decide to move to Exchange 2000, users usually face a difficult and costly migration. Lotus Notes, however, offers an attractive alternative: it minimizes the cost of migration and makes the migration easy, so that you can reap maximum benefits. Using Lotus Notes will simplify your system management and enable you to position your company for future work. There are several major business reasons why numerous organizations convert PST to NSF and move away from Microsoft Exchange, including:

  • High cost of upgrading

  • Increased cost of volume licensing 6.0 and Software Assurance

  • Unclear future path

  • High risk of virus attacks

  • Difficult administration and support

MS Exchange can be notorious for its management difficulties; moreover, its management and support costs are high due to several factors, including susceptibility to virus attacks. Lotus Notes, on the other hand, acts as a forward-looking alternative for global users to strengthen security, reduce costs, simplify administration and support, and be better positioned for organizational schedules.

Lotus Notes offers a secure environment along with an instant messaging client, browser, notebook and calendar/resource reservation client, as well as a platform for interacting with collaborative applications, thereby keeping a tab on organizational activities. It has easy-to-use productivity tool enhancements that include contact management, and a platform for developing customized client-server and web applications. Additionally, its advanced Web access enables users to communicate effectively whether they are in the office or away. Leveraging its ACL (access control list) features, Lotus Notes offers easier management through new administrator utilities and enhanced user and system monitoring to keep a tab on employee activity.

Notes was the first widely adopted software product to use public key cryptography for client-server and server-server authentication and for encryption of data, and it stands out as the product with the largest installed base of PKI users. The improved anti-virus capability of Lotus Notes makes it a trusted application that allows anti-virus software to search the message store for undetected viruses. An additional and most important feature of Lotus Notes is the ease of PST to NSF conversion, which makes it a far better choice than its counterparts in the market.

The author of the article has expertise in the data recovery, email recovery, email migration, hard drive recovery and password recovery fields.

Categories: Security Tags:

Tips in Passing Exam 70-299

September 24th, 2009 admin No comments

It helps to understand the basics of an exam before discussing tips for passing it. Exam 70-299 – Implementing and Administering Security in a Microsoft Windows Server 2003 Network offers an advanced certification in network security. It was first launched on February 13, 2004. The exam is conducted in six languages: English, French, German, Japanese, Spanish and Simplified Chinese. Thus, all IT professionals are able to take the exam in their preferred language.

Passing Exam 70-299: Implementing and Administering Security in a Microsoft Windows Server 2003 Network meets the requirement for Microsoft Certified Professional (MCP) certification. In addition, you will earn credit toward the Microsoft Certified Systems Administrator (MCSA): Security on Microsoft Windows Server 2003 and Microsoft Certified Systems Engineer (MCSE): Security on Microsoft Windows Server 2003 certifications. It also counts as elective credit for the Microsoft Certified Systems Engineer (MCSE) on Microsoft Windows Server 2003 and Microsoft Certified Systems Administrator (MCSA) on Microsoft Windows Server 2003 certifications.

The skills assessed in this exam are:

  • Implementing, Managing, and Troubleshooting Security Policies
  • Implementing, Managing, and Troubleshooting Patch Management Infrastructure
  • Implementing, Managing, and Troubleshooting Security for Network Communications
  • Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI

 

So, here are some tips for you to pass this exam with confidence.

1. Study Guides

First of all, you will need a good set of study material to help you prepare for the exam. Look online for the kinds of books or packages offered for this exam. There are bound to be some reviews from people who have bought the training materials before, so make a good comparison before buying one. Some companies might offer you a free online coaching session or a money-back guarantee if you do not pass the exam.

2. Lab Work

You need to practice to strengthen your understanding of network security. It is an advantage if you can see real situations in configuring and troubleshooting a security system.

3. Forum Chat

Search Google for forums that mainly discuss IT exams and join them. From there, you can easily search for threads that specifically discuss Exam 70-299. Always take note of the opinions and suggestions shared in the forums.

In the end, I recommend that you prepare using the Testking 70-299 exam guide or the Microsoft 70-299 exam with the selftest engine software training tool developed by Exams Expert, with a money-back guarantee in case you fail the exam.


Digital signature in Bangalore

September 24th, 2009 admin No comments

http://digitalsignaturebangalore.blogspot.com

A digital signature is issued by a Certification Authority (CA) and is signed with the CA’s private key. A digital signature typically contains the owner’s public key, the owner’s name, the expiration date of the public key, the name of the issuer (the CA that issued the Digital ID), the serial number of the digital signature, and the digital signature of the issuer. Digital signatures deploy Public Key Infrastructure (PKI) technology.

If you file electronically using a digital signature, you do not have to submit a physical copy of the return. Even if you do not have a digital signature, you can still e-file the returns. However, you must then also physically submit the printed copy of the filled-in form along with a copy of the Provisional Acknowledgement Number of your e-Return. These certificates are accepted for MCA 21, e-filing, e-tendering and Income Tax return filing. Sai Digital signature and Tax services, Bangalore will offer a Digital Signature Certificate with E-pass, and it will be processed in one day from the time of receipt of the documents listed below:

  1. Signed form: fill it in, print it and sign it

  2. Self-attested copy of PAN card (PAN card is compulsory)

  3. Self-attested copy of any one of the latest WATER / ELECTRICITY / POWER / TELEPHONE / CREDIT CARD bill or VOTER’S ID CARD / DRIVING LICENSE / PASSPORT in the applicant’s name for address confirmation (as proof of residence)

  4. 1 passport-size photograph

  5. E-mail id

Charges: Rs.1500.0 (Including E-pass)

One can send a soft copy of the same to the email id saidigitalsignature@gmail.com

One can even send a scanned copy of the documents and call Mr. S. Kumar at 9902977233.

A digital signature authenticates electronic documents in much the same way that a handwritten signature authenticates printed documents. This signature cannot be forged, and it asserts that a named person wrote or otherwise agreed to the document to which the signature is attached. The recipient of a digitally signed message can verify that the message originated from the person whose signature is attached to the document and that the message has not been altered, either intentionally or accidentally, since it was signed. Also, the signer of a document cannot later disown it by claiming that the signature was forged. In other words, digital signatures enable the “authentication” and “non-repudiation” of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message.


How to Secure Your Wireless Network

September 24th, 2009 admin No comments

Network Authentication Process

The process of a client associating and authenticating to an access point is standard. Should shared key authentication be selected at the client, additional packets are sent to confirm the key’s authenticity.

The following describes EAP network authentication.

 1. Client sends probe to all access points

 2. Access point sends information frame with data rate etc

 3. Client selects nearest matching access point

 4. Client scans access point in order of 802.11a, 802.11b then 802.11g

 5. Data rate is selected

 6. Client associates to access point with SSID

 7. With EAP network authentication the client authenticates with RADIUS server 

Open Authentication

This type of security assigns a string to an access point, or to several access points, defining a logically segmented wireless network known as a service set identifier (SSID). The client can’t associate with an access point unless it is configured with that SSID. Associating with the network is as easy as determining the SSID from any client on the network. The access point can be configured not to broadcast the SSID, improving security somewhat. Most companies will implement static or dynamic keys to supplement the security of the SSID.

Static WEP keys

Configuring your client adapter with a static Wired Equivalent Privacy (WEP) key improves the security of your wireless transmissions. The access point is configured with the same 40-bit or 128-bit WEP key, and during association those encrypted keys are compared. The issue is that hackers can intercept wireless packets and decode your WEP key.

Dynamic WEP keys (WPA)

The deployment of dynamic encrypted WEP keys per session strengthens security with a hash algorithm that generates new key pairs at specific intervals, making spoofing much more difficult. The protocol standard includes 802.1x authentication methods with TKIP and MIC encryption. Authentication between the wireless client and the authentication RADIUS server allows for dynamic administration of security. It should be mentioned that each authentication type will specify Windows platform support. An example is PEAP, which requires Windows XP with Service Pack 2, Windows 2000 with SP4 or Windows 2003 at each client.

The 802.1x standard is an authentication standard with per-user and per-session encryption and these supported EAP types: EAP-TLS, LEAP, PEAP, EAP-FAST, EAP-TTLS and EAP-SIM. User network authentication credentials have nothing to do with the client computer configuration. Any loss of computer equipment doesn’t affect security. The encryption process is handled with TKIP, an enhanced encryption standard that improves WEP encryption with per-packet key hashing (PPK), message integrity checking (MIC) and broadcast key rotation. The protocol uses 128-bit keys for encrypting data and 64-bit keys for authentication. The transmitter adds some bytes, the MIC, to a packet before encrypting it, and the receiver decrypts the packet and verifies the MIC. Broadcast key rotation rotates unicast and broadcast keys at specific intervals. Fast reconnect is a WPA feature that allows employees to roam without having to re-authenticate with the RADIUS server should they change floors or rooms. The client username and password are cached with the RADIUS server for a specified period.

EAP-FAST

 • Implements symmetric key algorithm to build secure tunnel

 • Client and RADIUS server side mutual authentication

 • Client sends username and password credential in secure tunnel

EAP-TLS

 • SSL v3 builds an encrypted tunnel

 • Client side and RADIUS server side assigned PKI certificates with mutual authentication

 • Dynamic per client per session keys used to encrypt data

Protected EAP (PEAP)

 • Implemented at Windows clients with any EAP authentication method

 • Server side RADIUS server authentication with root CA digital certificate

 • Client side authentication with RADIUS server from Microsoft MS-CHAP v2 client with username and password encrypted credentials

Wireless Client EAP Network Authentication Process

 1. Client associates with access point

 2. Access point allows 802.1x traffic

 3. Client authenticates RADIUS server certificate

 4. RADIUS server sends username with password encrypted request to client

 5. Client sends username with password encrypted to RADIUS server

 6. RADIUS server and client derive WEP key. RADIUS server sends WEP key to access point

 7. Access point encrypts 128-bit broadcast key with that dynamic session key and sends it to client

 8. Client and access point use session key to encrypt/decrypt packets

WPA-PSK

WPA pre-shared keys use some features of static WEP keys and dynamic key protocols. Each client and access point is configured with a specific static passcode. The passcode generates keys that TKIP uses to encrypt data per session. The passcode should be at least 27 characters to defend against dictionary attacks.  
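The key derivation behind this advice, as an added example that is not part of the original article: WPA-PSK turns the passcode into a 256-bit pairwise master key with PBKDF2-HMAC-SHA1, using the SSID as salt and 4096 iterations, so the key is fully determined by the passcode and the network name. The function names, the finding labels, the sample networks and the small word list are constructed for illustration.

```python
import hashlib

MIN_RECOMMENDED_LEN = 27           # length recommended in the text above
WPA_MIN_LEN, WPA_MAX_LEN = 8, 63   # valid range for an ASCII WPA passphrase

# Constructed sample of weak passcodes; a real audit would load a larger list.
COMMON_PASSPHRASES = {"password", "12345678", "letmein123", "companywifi"}

# Constructed sample configuration: (SSID, passcode) pairs.
SAMPLE_NETWORKS = [
    ("CorpGuest", "companywifi"),
    ("CorpGuest-5G", "companywifi"),
    ("Warehouse", "Warehouse2009!"),
    ("CorpStaff", "maple-Tundra-41-quiet-lantern-owl"),
]


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    if not WPA_MIN_LEN <= len(passphrase) <= WPA_MAX_LEN:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if not all(32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def audit_psk(ssid: str, passphrase: str) -> list:
    """Return policy findings for one configured network (empty list = pass)."""
    if not WPA_MIN_LEN <= len(passphrase) <= WPA_MAX_LEN:
        return ["invalid-length"]
    findings = []
    if len(passphrase) < MIN_RECOMMENDED_LEN:
        findings.append("shorter-than-27")
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("common-passphrase")
    # A passcode built from the network name is guessable from the beacon alone.
    if ssid.lower() in passphrase.lower():
        findings.append("contains-ssid")
    return findings


def reused_passphrases(networks) -> list:
    """Group SSIDs that share one passcode.

    The derived keys differ per SSID because the SSID is the salt, but one
    disclosed passcode still opens every network in the group.
    """
    by_secret = {}
    for ssid, passphrase in networks:
        by_secret.setdefault(passphrase, []).append(ssid)
    return [sorted(ssids) for ssids in by_secret.values() if len(ssids) > 1]


if __name__ == "__main__":
    for ssid, passphrase in SAMPLE_NETWORKS:
        pmk = derive_pmk(passphrase, ssid)
        status = ", ".join(audit_psk(ssid, passphrase)) or "ok"
        # Print only a short key prefix; the full PMK is secret material.
        print(f"{ssid:14} pmk={pmk.hex()[:8]}...  {status}")
    print("shared passcodes:", reused_passphrases(SAMPLE_NETWORKS))
```

Because nothing random enters the derivation, the only thing standing between captured authentication traffic and the key is how hard the passcode is to guess, which is why the length check carries the weight in this audit.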

WPA2

The WPA2 standard implements the WPA authentication methods with Advanced Encryption Standard (AES). This encryption method is deployed with government implementations etc. where the most stringent security must be implemented.

Application Layer Passcode

SSG uses a passcode at the application layer. Clients can’t authenticate unless they know the passcode. SSG is implemented in public places such as hotels, where the client pays for the password that allows access to the network.

VLAN Assignments

As noted, companies will deploy access points with SSID assignments that define logical wireless networks. The access point SSID will then be mapped to a VLAN on the wired network that segments traffic from specific groups, as it would be on a conventional wired network. Wireless deployments with multiple VLANs will then configure 802.1q or ISL trunking between the access point and the Ethernet switch.

Miscellaneous Settings

  • Turn Microsoft File Sharing OFF
  • Implement AntiVirus Software and Firewall
  • Install your company VPN client
  • Turn OFF Auto Connect to any wireless network
  • Never use AdHoc Mode – this allows unknown laptops to connect
  • Avoid signal overrun with a good site survey
  • Use minimal transmit power setting

Anti Theft Option

Some access points have an anti theft option available using padlock and cabling to secure equipment while deployed in public places. This is a key feature with public implementations where access points can be stolen or there is some reason why they must be mounted below the ceiling.

Security Attacks

• Wireless packet sniffers capture, decode and analyze packets sent between the client computer and access points. The purpose is to decode security information.

• Dictionary attacks attempt to determine the decryption key configured on the wireless network using a list or dictionary with thousands of typical passcode phrases. The hacker captures information from the authentication process and scans each dictionary word against the password until a match is found.

• The specific mode assigned to each wireless client affects security. Ad Hoc mode is the least secure option, with no access point authentication. Each computer on the network can send information to an Ad Hoc neighbor computer. Select infrastructure mode where available.

• IP spoofing is a common network attack that involves faking or replacing the source IP address of each packet. The network device thinks it’s communicating with an approved computer.

• SNMP is sometimes a source of compromised security. Implement SNMP v3 with complex community strings.

The book Cisco Wireless Network Design Guide is available at amazon.com

Shaun Hummel is an author of various technical books and has a web site focused on information technology job search solutions and certifications.

http://www.networkjobsolutions.com

Shaun Hummel, CCNP, is a Senior Network Engineer with 11 years experience in enterprise network planning, design, and implementation. He has worked for various private and public companies in Canada and the United States improving infrastructure, security, and management. He has written Network Planning and Design Guide, Cisco Wireless Network Design Guide and Network Assessment Guide. www.networkjobsolutions.com


Delighting your User, Part Four: Showing and Maintaining Competence

July 27th, 2009 admin No comments

Copyright (c) 2007 Don R. Crawley

Competence means providing correct, knowledgeable service, performed with accuracy and confidence.

Competence is a two-part process. You must demonstrate competence in the way you do your job, but you must also find ways to maintain your technical competence.

Demonstrating Competence

Here are a couple of good techniques to use to demonstrate your competence.

Tell the user what you are going to do before you do it. This technique is called headlining, in the sense that a newspaper article’s headline tells you what you are going to read before you read it. As a user, it is very frustrating to be dealing with a technical support provider who does not tell you what he or she is doing. When there is silence on the phone, the user may be confused, and this does not assure the user of your competence. You know you have not done a good job of headlining if, after a period of silence, your user says, “Are you still there?” The user does not feel cared for if she has to guess if you are still on the line.

Headlining is the mark of a professional Help Desk provider. It is easy and quick to do, and creates a high degree of end-user satisfaction. Use headlining when you need to take a moment to look up some information in the database. You can say, “It will take me just a minute to look that up in the database.” This gives the user the assurance that you are working on their behalf.

Another way of providing assurance to users is to build their confidence in your ability to help them. This can be done with a solution statement delivered once you understand and have confirmed the user’s problem. A solution statement simply tells the user that you can help them solve the problem. You can say, “From what you have told me, I know how to solve the problem.”

Maintaining Technical Competence

Our world in Information Systems and Technology evolves so quickly that maintaining technical competence can seem overwhelming at times. Here are four keys to maintaining your technical competence:

Be curious. Curious people are always exploring. When you’re curious, life is more interesting and you find new ways of doing things, you find things you didn’t even know existed, and you maintain a childlike sense of wonder and awe.

Read…a lot. The fact that you’re reading this article speaks highly of you. It’s not that you’re reading this particular article (as much as your author wants to believe that!), but that you’re reading any article about how to do your job better that speaks so highly of you. There are thousands, perhaps millions, of blogs and forums on the Web dealing with the same technologies you support. Microsoft and most other vendors provide extensive support documentation at their sites. Microsoft even has free hands-on labs and how-to guides. Get one of the O’Reilly Cookbooks for the technology you support and work through recipes that are most interesting to you.

Build a sandbox. I first heard of an IT “sandbox” when I was working with some individuals from Kimberly-Clark Corporation in a PKI training session. The IT “sandbox” is another name for a testing lab where you can experiment without worrying about system failure. Today, it’s often not necessary to set up a physical lab with multiple physical computers. Instead, you can use tools like VMWare, Virtual PC, or Xen to create a virtualized lab environment in which you can test and experiment to your heart’s content without worrying about affecting end-users. Some virtualization products are available for free; others at very low cost. (I use VMWare Workstation.) Use Google to learn more about virtualization and the vendors who create virtualization products.

Get trained! As a training provider to the IT world, you’d certainly expect me to make this recommendation, but it’s important. Training, whether in a college classroom, a seminar environment, in a workshop, or at a conference exposes you to new ways of doing things and thinking about things. Electronic delivery of training can be an excellent solution, but participating in in-person classes allows you to interact with the instructor and the other students. It’s through such interaction that you discover new concepts and new solutions to old problems. I discovered when I returned to college that just being in an educational environment got me thinking in new and positive ways. Additionally, great teachers and trainers challenge you and help you step outside your comfort zone which is how you affect positive change in your career and in your life.

Being great at your job isn’t necessarily easy, but it’s immensely rewarding in terms of personal satisfaction, career options, and financial rewards.

Next week, we’ll talk about empathy and its importance as part of the tech support process.

Don R. Crawley is president and chief technologist at soundtraining.net, the Seattle training firm specializing in business skills and technical training programs for IT professionals. He works with I.T. pros to enhance their work, lives, and careers.

Sukarno, a Political Biography by J. D. Legge: Nationalism Revisited

July 27th, 2009 admin No comments

I don’t read a lot of history, contemporary or otherwise, and when I do, it is usually in the area of political economy. In recent years, for instance, I have delighted at the scholarship and intellect of Eric Hobsbawm. But what always strikes me about history is how perfect our vision can be from the distance of time. Not so if you are closer, and so I can forgive J. D. Legge my single criticism of his book, Sukarno – A Political Biography, which is its lack of overview. Legge published the book in 1972 and so did not have the luxury of 35 years of clarifying hindsight that we have today.

J. D. Legge’s biography charts the life and career of Sukarno in intricate detail. Particularly strong are the descriptions of the internal machinations and wheeler dealing amongst the Indonesian political elite. Sukarno is presented as one of the major political figures of the twentieth century. If anyone should doubt this, then recall that the terms “Third World” and “Non-Aligned”, terms that structured our thinking about the world for decades and perhaps still do, would probably not have existed if Sukarno had not promoted them. The former arose out of the 1955 Bandung conference, which Sukarno hosted, and the latter out of continued initiatives involving the Indonesian president. Furthermore Sukarno’s significance for the century is also underlined by the fact that the aftermath of the coup that ousted him led to the murder of 250,000 people, while the president himself was allowed to live out his last years and die a natural death. Legge stops short of laying the ultimate responsibility for these deaths at Sukarno’s door, and neither can he be certain about the president’s relation to the coup. True, he lost power as a result, but he did not lose his life. He lost most of his dignity, but remained such an esteemed figure after 50 years in politics that he retained at least a figurehead status up to his death.

A point that Legge underplays, however, is the relationship between the nationalism that formed the basis of Sukarno’s politics and the pragmatism that sought inevitably loose alliances to both define and promote it. One such Sukarno initiative in particular, NASAKOM, may have been responsible ultimately for precipitating the coup and even causing the slaughter.

Sukarno was almost as old as the century, being born in June 1901 in East Java. Legge makes an interesting point about his parents, who met in Singharaja, Bali, while his father was a teacher there. The father was Javanese, a member of the aristocratic priyayi class, but his mother was Balinese and not even a Muslim. I have visited Bali and Singharaja and East Java and can fully appreciate the fundamental differences, both cultural and religious, between these places. And yet, from this mixed parentage there was born a figure who consistently espoused nationalism as a defining ideology. But from the start, and perhaps because of his background, it was a syncretic nationalism that tried to create unity by bridging difference.

Initially, of course, this nationalism was defined via opposition to Dutch colonial rule. It was a nationalism that brought the young Sukarno into conflict with the authorities, led to periods of imprisonment and exile. Nothing strange here. The twentieth century is full of such figures who struggled against externally-imposed colonial rule. In the Second World War, Sukarno, like Laurel in the Philippines, collaborated with the Japanese. But whereas to the north Laurel was eventually disgraced by the association, Sukarno found himself in 1945 the president of an independent Indonesia. And here, perhaps is where the nationalist ideology became, out of necessity, essentially pragmatic.

As an ideology, nationalism claims it expresses a single identity or culture, often defined by language or religion. And this despite the fact that there are almost no nations that actually display the homogeneity that the ideology assumes. It thus has the capacity to become an exclusive force in direct contradiction to its stated aim. Thus nationalism inevitably is an ideology that is easiest to define and promulgate by opposing what it is not, rather than defining precisely what it is. We only have to think of the agendas of the so-called nationalist parties and movements in contemporary Europe, and how they crystallize around opposition. In Britain, we have the United Kingdom Independence Party, UKIP, which is nationalist because it opposes the European Union. And we have the National Front, nationalist because it opposes immigration. The list could be a long one. So nationalism often must be defined in relation to what we are not, rather than via what we are.

If you live in a country subjected to colonial rule, it is surely easy to define nationalism around concepts of independence and self-government. Once these things have been achieved, however, the focus that defined the nationalism is removed. If it is to continue as an ideology for an independent nation, it must change. One option is for it to be elevated to state-worship, almost to the status of a national religion. The North Korea of Kim Il Sung was this route in extremis. But in a country as vast as Indonesia, the social conformity this route requires could never have been achieved.

So Sukarno took the other route that can sustain nationalism as a state ideology, which was expansionism, coupled with attempts to create coalitions across political ideology and religion. The expansionist tendency led to the incorporation of West Irian into Indonesia. It also led to Sukarno’s opposition to the establishment of a Malaysian Federation and thus to several years of war in Borneo. It might be argued the same need for expansion to bolster nationalism led, under Suharto, to the invasion of East Timor. The point here is that the external positions are adopted in order to define internal political identity.

As well as promoting an external focus, alliances and coalitions must be erected internally to create at least a semblance of unity. Sukarno’s NASAKOM was such an attempt, an initiative to unite Nasionalisme, Agama and Komunisme, Nationalism, Religion and Communism. And so the Indonesian Communist Party, the PKI, was part of an equation whose result was always going to be a problem, given the ubiquity of the Cold War and the proximity of China. When we consider the difficulty of creating unity out of such an admixture, we then appreciate the need for nationalism to retain its external focus. No nationalist agenda can cut across ideological differences that are global. In Sukarno’s case, effectively the Cold War won. The internal tensions had to be resolved and, in Indonesia’s case, it led to military action, the slaughter of 250,000 communist sympathisers and anyone else who got in the way, and the emergence of an initially pro-Western government under Suharto.

But despite this unsatisfactory end for Sukarno’s nationalism, J. D. Legge reminds us of his achievements. Modern Indonesia came into being under Sukarno’s leadership and vision. The politics of the region and of the century were influenced by him. And he was leader of one of the world’s most populous countries for over two decades. Certainly he was a great figure, but, because of his use of syncretic nationalism, he was not a contributor to political thought and so, perhaps, his influence died with him. J. D. Legge’s Sukarno – A Political Biography is a superb, scholarly and measured account of this life and career.

Philip Spires

Author of Mission, an African novel set in Kenya
http://www.philipspires.co.uk

Michael, a missionary priest, has just killed Munyasya. It was an accident, but Mulonzya, a politician, exploits the tragedy for his own ends. Boniface, a church worker, has just lost his child. He did not make it to the hospital in time, possibly because Michael went to the Mission to retrieve a letter from Janet, a teacher, and the priest’s neighbour. It is Munyasya who has the last laugh, however.

E-commerce Security Problems

July 26th, 2009 admin No comments


No doubt E-commerce is an ever growing industry, yet, there are some concerns over some security issues which may hinder its escalation to a certain extent. We will look into some of the major factors which are acting as obstacles to the development of e-commerce.

One such factor is the attack of recent viruses, resume and KAK viruses against Microsoft Outlook. This has proved that expediency permits the rapid propagation of viruses throughout internet. This problem is further fuelled by tales of e-commerce sites and consumer data privacy sites being attacked by hackers. In most business institutions, increasing security weaknesses is easily visible by stories of hackers stipulating a ransom for not printing customer credit card information. However, consumer privacy still remains as one of the top security concerns in the industry substituting even the fraud and theft fears. Still, we could tackle these threatening issues if we follow the four simple objectives which are privacy, veracity, authentication, non-repudiation.

Privacy can be tackled by encryption. A public key encrypts a message and a private key decrypts a message in PKI (public key infrastructure).Since only the sender has the exact key, it helps in proving the identity of the sender.

However, one of the common threats that hackers produce is making use of viruses to damage business data. Then, to cease access to some authorized users of a website and to compel the site to produce a downgrade service, hackers carry out denial-out-service (DOS) attacks. Sensitive data such as price lists, catalogues and valuable intellectual property are at the risk of getting accessed by the wrong hands and getting altered and destroyed. This is one of the insecurities of e-commerce. Another risk is modifying our website and corrupting our image, thus directing our own customers to another site.

Also, with a view to committing fraud, someone might try to gain access to our business or financial information, which should be kept strictly under wraps. Otherwise, it would certainly lead to crime.

Moreover, all these risks have a great impact on businesses that run on e-commerce. Criminal charges could follow if you are found to be in breach of the Data Protection or Computer Misuse Act, or any other e-commerce regulation. Market share can suffer greatly if customers lose their well-established trust in you. Financial loss as a consequence of fraud or litigation is bound to occur, and it will in turn bring unwelcome publicity.

It is therefore necessary to tackle these security problems. One way is to require a username and password combination before a user can use a site. An authentication token known to the user is also required; a personal identification number (PIN) is one such measure that meets the need for authentication. A digital certificate can be brought into action through the operation of an entity’s unique signing key. Network restrictions should be put in place to curb access to other computer networks and systems.

So there are a good number of ways in which we can prevent security problems. As with everything else in life, one should always be careful with e-commerce too, because nothing in life comes with a hundred percent guarantee.

news.tootoo.com, which is the shortcut to China’s industrial resource belonging to China’s leading B2B Portal and Vertical Search Engine, tootoo.com.

Categories: Security

Open Source E-mail Encryption

July 26th, 2009 admin No comments

“…Perhaps you think your email is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don’t you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? If you hide your mail inside envelopes, does that mean you must be a subversive or a drug dealer, or maybe a paranoid nut?…”

-Philip Zimmermann, Creator of PGP

Of course it doesn’t, it simply means you value your privacy.

PGP, or more specifically OpenPGP, is a great and, more importantly, FREE method of securing your data and your e-mails. You don’t want “The Man” reading your e-mails, and neither do I.

There are many PGP and OpenPGP programs out there, but the most versatile one that I have seen is called GnuPG. It comes in some form for every operating system. It comes standard with Ubuntu Linux, and there are versions for Windows and Mac.

If you are a fan of Mozilla Firefox and Thunderbird, like I am, then you will be happy to know that there are GnuPG plugins for both of them: Enigmail for Thunderbird and FireGPG for Firefox. Of course, you have to have GnuPG installed for the plugins to work.

If you have any doubts about the strength of the encryption, it uses PKI and the encryption keys can go up to 4096 bits, which is so strong that if you took all of the computing power on the planet it would still take something ridiculous like 10 billion years to crack (give or take). I also found a quaint little article here about how the FBI has problems cracking PGP.

To find out where you can download the right version of Gnu Privacy Guard for your system, click here: (Gnu Privacy Guard)

Paul Bauer is the author of the mildly successful technology blog Bauer-Power. Paul has a degree in Computer Networking, as well as several certifications including A+, Network+, Server+, MCP, and WCSE. You can subscribe to Bauer-Power’s RSS feed by clicking here: (RSS)

Categories: Security

Security of Information Systems

July 26th, 2009 admin No comments

The concept of complex solutions in the area of information systems security is well known. These solutions cover the management of information security as well as the design and implementation of technological solutions: multi-factor authentication, identity management and access rights management, workstation security, and PKI. Solutions in the area of secured electronic signatures are also important. The work is usually completed by establishing management systems in the field of information security, together with projects for the protection of personal data, operational continuity management, and the management of outsourcing in the field of security and incidents. Key platforms used in information systems security solutions are technologies from manufacturers such as ActivIdentity, Check Point (Pointsec), Clearswift, Entrust, IBM, nCipher, Oracle, RSA, SafeNet, Sun Microsystems, Symantec, and Vasco.

http://www.infosecuritylab.com

Categories: Security

Importance Of SSL Certificate For A Web Site

July 26th, 2009 admin No comments

People are getting smart about online security. More and more of them are looking for the padlock icon and “https” prefix in the address bar of their browser before submitting personal information online. If your Web site doesn’t have an SSL Certificate, visitors may leave before making a purchase, creating an account or even signing up for a newsletter.

An SSL certificate is a digital certificate that authenticates the identity of a Web site and encrypts information sent to the server using Secure Sockets Layer (SSL) technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.

An SSL certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. When an Internet user attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.

An SSL certificate contains the following information:

The certificate holder’s name
The certificate’s serial number and expiration date
A copy of the certificate holder’s public key
The digital signature of the certificate-issuing authority

How do SSL Certificates work?

An SSL certificate ensures safe, easy, and convenient Internet shopping. Once an Internet user enters a secure area – by entering credit card information, email address, or other personal data, for example – the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scenes without interrupting the consumer’s shopping experience. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.

By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism triggers a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users will likely look elsewhere to make a purchase.

Types of SSL Certificates:

Wildcard SSL Certificates: Secure Unlimited Servers with ONE SSL Cert! (The certification also covers unlimited first-level sub-domains.) You get Strong 256 Bit Encryption, Secure Site Seal, & Web PKI to easily manage multiple SSL Certs.

Premium Extended Validation Certificates: These provide the highest level of online assurance for your customers, using a process that’s standardized across all certification authorities:

More extensive than any existing SSL vetting process (undertaken by any certification authority).

Includes verification of your organization’s identity, the validity of your request and the overall legitimacy of your business.

Browsers also display both the organization name and issuing certification authority.

Using the same rock-solid, 256-bit encryption technology as Standard SSL and Deluxe SSL Certificates, Premium SSL Certificates prove that your Web site is a secure place for customers to conduct business.

Multiple Domain Certificates, also called Unified Communications Certificates (UCC): These provide the most flexible class of SSL Certificates today by securing multiple domain names with one certificate.

Secure up to 100 domain names on one certificate.

Save money because the cost of one Multiple Domain Certificate, with additional domain names, is less than the cost of individual certificates for each unique domain name.

Compatible with Microsoft Exchange Server 2007 and Microsoft Communications Server.

Simplifies the process of managing multiple certificates with varying expiration dates.

Our Single, Multiple Domain and Subdomain certificates all use the same rock-solid, 256-bit encryption technology, proving that your Web site is a secure place for customers to conduct business.

NOTE: The UCC Certificate is ideal for Communication Server, Exchange Server and other Enterprise Applications, as well as for single companies or entities with many related URLs. This Certificate is not recommended for use with sites completely separate from each other (e.g. a network provider who builds Web sites for competitors).
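The difference between what a wildcard certificate and a multiple-domain (UCC) certificate actually cover can be checked with a few lines of Python. This is an added example, not part of the original article: the `shop.example` names are constructed, and the matching follows the usual rule that `*` stands for exactly one left-most label.

```python
"""Which hostnames does a certificate cover? (constructed example)"""

def _labels(name):
    # DNS names are case-insensitive; ignore a trailing root dot.
    return name.lower().rstrip(".").split(".")

def name_matches(pattern, hostname):
    """Match one certificate name against a hostname.

    A '*' is honoured only as the complete left-most label, so it stands
    for exactly one sub-domain level.
    """
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # Require at least two fixed labels, so "*.com" covers nothing.
        return len(p) >= 3 and p[1:] == h[1:]
    return "*" not in pattern and p == h

def cert_covers(cert_names, hostname):
    """True if any name listed in the certificate matches the hostname."""
    return any(name_matches(n, hostname) for n in cert_names)

def coverage_report(cert_names, hostnames):
    """Map each hostname to the certificate name that covers it, or None."""
    report = {}
    for host in hostnames:
        report[host] = next((n for n in cert_names if name_matches(n, host)), None)
    return report

# Constructed certificates: one wildcard, one multiple-domain (UCC) name list.
WILDCARD = ["*.shop.example"]
UCC = ["shop.example", "www.shop.example", "mail.shop.example",
       "autodiscover.shop.example"]

if __name__ == "__main__":
    hosts = ["www.shop.example", "shop.example",
             "pay.eu.shop.example", "mail.shop.example"]
    for label, names in (("wildcard", WILDCARD), ("UCC", UCC)):
        for host, hit in coverage_report(names, hosts).items():
            print(f"{label:8} {host:22} -> {hit or 'NOT COVERED'}")
```

The wildcard name covers neither the bare `shop.example` nor a second-level name such as `pay.eu.shop.example`, while the UCC list covers only the names written into it.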

Most SSL certificate issuing companies will charge you around $399 per year. Some affordable SSL certificate providers, like Hosting3i.com, charge $14.95 per year with 256-bit secure encryption.

An SSL certificate will not only ensure the safe transfer of critical information but also increase the credibility of your online store.

Jenny Dsouza is a Product Manager at Hosting3i.com which provides Cheap Domain Name Registration and SSL Certificates service.
Categories: Security