Hello, this is IT Center Blog.
Company news from the first hand: everything that happened in IT Center yesterday, the day before yesterday and last Thursday. All publications are cleaned from white noise and synchronized with RSS feed.
All images © 2009–2018 www.svetlanalarina.com
Unauthorized use and/or duplication of text, photo and video material without express and written permission from IT Center Blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to IT Center Blog with appropriate and specific direction to the original content.
Network Security and HTTPS/SSL
All important information that leaves Internet, be it the credit card number that you paid in the online store, the transaction to the 1C database or the blog administrator's password must be transferred to the server of the store, the 1C database or the blog in an encrypted form.
Interception of encrypted traffic will not give anything to an attacker except for a meaningless sequence of symbols. For you, it means that you will continue to manage the funds of your credit card, 1C:Accounting will not be compromised, and your blog will be led by you, not someone else.
Encryption of data occurs as follows. The source of information (you and your database) and the server-receiver (1C:Accounting) before agreeing on the data, agree on the methods and rules for encrypting the connection. HTTPS is responsible for this, which is configured by the administrator of the receiving server (let it be IT Center). However, this is not enough. It is also necessary to make sure that the receiving server is the one for whom it issues itself.
The procedure for authenticating servers on Web is based on the use of personal certificates issued by authentication centers — international organizations that have the authority, roughly speaking, of passport offices. They issue electronic certificates confirming that the IT Center server is an IT Center server, and not something else.
The certificate is paid, and the procedure for issuing such a certificate is reasonably bureaucratic: the authentication center should present information on a legal entity and fulfill a number of technical requirements. After issuance, the certificate is embedded by the administrator on the server.
Attributes of secure Internet connection
So, you are going to pay for the purchase through Internet or work with the database through Internet.
- Make sure that the information goes through the encrypted channel. The lock in the left corner of the browser and the address bar starting with https are signs that the connection is encrypted.
- Make sure that the server you are sending information to is the one for whom it issues itself. To do this, click in the browser on the lock icon to the left of the address bar and view the information about the certificate.
If you find that there is no https protocol and certificate, or if the certificate is expired or written to an unknown name, this is an occasion to reflect on the security of such work. And, of course, the professionalism of the counterparty.