SHA-1 Certificates will be rejected by the latest browsers.

Websites and systems protected using certificates using Sha-1 algorithms will no nonger be accepted by new browsers.  IE11 and Chrome for example wont allow a user to continue on to the site regardless.

Most public CA's have been issuing more scure certificates for some time now, however many internal CA's are still using Sha-1 to sign their certificates.

Its time to check and upgrade/reconfigure  if you want your systems to keep running smoothly.

Microsoft for example has several articles on how to deal with the situation in their support site.

I recently helped a customer running Windows Server 2008 Domain to upgrade their CA to issue the higher security certs.

Comments

Post a Comment

Popular posts from this blog

Apple MAC Fake Virus Alert

Similar to the windows fake AV alerts, MAC users have now been targeted with a fake AV scam. After visiting an infected site, the software scans the users hard disk and reports on viruses found. Users are then given the opportunity to purchase remedial AV software, thus parting with credit card information. The trick here is that is can masqurade as the legitimate MAC Defender application making the users less suspicious about the warnings. Apple Mac users have been adviced to disable a setting in the Safari browser that allows "safe" files to be automatically installed. Full details on removing and preventing this malware can be found here. Apple MAC Malware Removal
Read more

Email Retention Policies

Many companies have little to no email retention policies in place.  The idea here is to ensure that if a business related email is required, it can be recovered for up to a 6 year period. However it has also been raised  that 6 years may not actually be sufficient when projects which are completed over a long period of time are concerned.  Therefore 6 yrs from time of project completion should be the consideration.  In some cases financial data may need a slightly longer period of retention to match other financial requirements. The question is how do you manage this type of thing.  Users have the ability to delete their emails etc and therefore relying on users to manage their own mailboxes completely may not be the best option. Many companies opt for an email archiving solution which provides a copy of every email in and out to be stored safely and all access to these stored messages audited for compliance. With the adoption of cloud email services thi...
Read more

Is your company ready for GDPR ?

What is it ? Put simply it is a set of new policies adding to the current Data Protection Laws in the EU. Companies will be required to respect "the right to be forgotten". This means that you must be fully in control of your data in such a way that all digital traces pertaining to any individual must be fully deleted should the request be made. Whats is in scope ? Basically all of your data must be cleansed of any identifying data if requested.  This will include all past and present data including archives and backups. What if I dont comply with a request ? Penalties will be imposed of up to 4 percent of worldwide turnover. How should this be implemented ? You will need to be able to demonstrate a process which is implemented and fully documented which complies with each request. What problems need to be overcome ? The biggest issue is knowing your data.  In other words having fully indexed data and systems which will ensure this can be conducted in a tho...
Read more