Tony Bourdier, iRaiser’s CTO is taking a short break to tell you more about the latest security improvement that was made by the team on our software solutions.
When it comes to IT security, most of the risks lie on the lack of renewal of security information: passwords, certificates… It is assumed that one’s password must be changed every three months so as to maintain a satisfying level of security.
When Heartbleed – the massive security bug – occurred, millions of SSL certificates were impacted and left their websites vulnerable. In order to secure the platforms that were hit by this bug, SSL certificate had to be regenerated. Unfortunately, regenerating a certificate taking generally up to three days with the common systems, those platforms were left unprotected during the process.
Security is not a luxury but a necessity. That is the reason why we studied and set a new preventive procedure that renews automatically and instantly all of our platforms’ certificates, every 90 days. To do so, we relied on a quite recent technology that was created by major players from the IT industry (Mozilla, Google, OVH, Cisco, Facebook, Linux, Free, …): Let’s Encrypt.
Let’s encrypt protects your websites from many vulnerability issues, be they malicious or not. Automatic renewal protects you from certificate expiration and brute-force attacks. the instantaneity of the renewal makes it possible to react as soon as a bug is found, thus preventing it from being used against you.
By cumulating these two essential factors – prevention and reactivity – we guarantee an optimum level of security that manual methods can’t achieve. As every day is reminding us how important IT security is and will be in the future, we decided we would soon organise a masterclass about this great subject! In the meantime, enjoy your secure services!
Learn more about Let’s Encrypt :