Preventing Data Breaches with EnCirca’s Multi-factor Authentication and SSL Certificates
As security threats continue to evolve, EnCirca stays ahead of the game by providing our customers with enhanced security features. Our customers trust us to protect their privacy and sensitive data and we take that very seriously.
EnCirca Two-Factor Authentication Service
What is two-factor authentication (2FA)?
2FA, sometimes known as Multi-factor authentication (MFA), requires an additional security step to conduct certain operations. At EnCirca, if your account is enabled for 2FA, it will impact the following operations for all domains in your account:
1. Updating your customer record
2. Changing a domain’s Name servers
3. Updating Whois contact data
4. Updating Name servers info
*.BANK and .INSURANCE customers are required to use 2FA
How does it work?
EnCirca uses a third-party software app called AUTHY to implement its 2FA service. This app may be downloaded and installed on nearly any mobile device, including: Android, Apple, Blackberry, OSX, Windows and Linux.
Part of protecting your domain means purchasing and installing an SSL Certificate.
It is up to you to evaluate risk and put security measures in place to mitigate those risks.
Thieves steal data if left unchecked. Business competitors infiltrate websites and alter files or disrupt services if left unprotected. More and more we are seeing Distributed Denial-of-Service (DDoS) and other cyber-attacks with the intention of crippling or destroying services.
The foundation of trusted point-to-point communications are Secure Socket Link (SSL) certificates, an encryption technology installed on Web servers that permits transmission of sensitive data through an encrypted connection. Using a public-key infrastructure (PKI), SSL certificates authenticate the end-use website and the endpoint server, making it difficult for those sites to be imitated or forged. SSL certificates are purchased from companies known as certificate authorities (CAs).
To get started, you need to decide what type of SSL Certificate is right for your business.
Under the Safeguards Rule, financial institutions must protect the consumer information they collect.
Many companies collect personal information from their customers, including names, addresses, and phone numbers; bank and credit card account numbers; income and credit histories; and Social Security numbers.
The Gramm-Leach-Bliley (GLB) Act requires companies defined under the law as “financial institutions” to ensure the security and confidentiality of this type of information. As part of its implementation of the GLB Act, the Federal Trade Commission (FTC) issued the Safeguards Rule, which requires financial institutions under FTC jurisdiction to have measures in place to keep customer information secure. But safeguarding customer information isn’t just the law. It also makes good business sense. When you show customers you care about the security of their personal information, you increase their confidence in your company. The Rule is available at ftc.gov.
Selecting the right SSL Certificate depends on a variety of factors including security level, trust level, and visibility to the web visitor.
Encrypting every page and domain is recommended for a few reasons. One, your site visitors will know that their browsing activity is encrypted, (the customer will see that extra security in the form of a “green bar” that tells them the site is secure) and another is that encrypting every page now helps your pages rank better in Google’s search engine algorithm.
EnCirca recommends Extended Validation Certificates. EV Certificates are superior because the EV certificate is the most stringent verification process in SSL certificate issuance. A customer visiting an EV-protected website can be assured that they are not visiting a phishing site.
To fully meet your needs, we offer the following different types of certificates:
Standard SSL Certificates – require the certificate issuer to independently verify the information concerning the applicant’s business.
Extended Validated (EV) Certificates – the applicant’s business credentials are validated more extensively to help ensure that the applicant isn’t a phisher, spoofer, or other type of online criminal.
Wildcard Certificates – protect multiple options of the same base domain (i.e. www.sample.bank and directory.sample.bank)
SAN Certificates – protect multiple, different domains (i.e. www.sample.bank and sample.com)
Several steps are required to make SSL certificates functional. The website administrator needs to generate a Certificate Signing Request (CSR) for the server where the certificate will be installed. The domain needs to be validated, and finally, the certificate is then installed.
Please visit us at EnCirca’s SSL page for assistance in securing the appropriate SSL certificates for your business.
It is necessary to implement tighter security. EnCirca makes it easy.