At CoreSolutions Software, we use the HTTPS protocol on all web applications that we host on our servers. We choose HTTPS over its HTTP counterpart, simply because of the added security offered by the HTTPS protocol.
The “S” in “HTTPS” stands for secure. It encrypts traffic using SSL/TLS security. When web traffic is sent unsecure, it is transmitted in plain text, which means that your data is traveling the internet unprotected and could be read by any malicious program or person eavesdropping on your connection. Essentially, it’s like living in a glass house with all the blinds open at all times. Nowadays, HTTPS predominately uses TLS encryption security, which provides authentication of the visiting website and protects the privacy and integrity of the exchanged data.
The HTTPS protocol is also very good at preventing “man-in-the-middle” attacks - a form of eavesdropping, where the attacker secretly relays and potentially changes the communication between two parties that think they are directly corresponding with each other. It is due in part to these types of attacks that we opt for the added security provided by HTTPS, versus that of HTTP.
Another reason why we choose HTTPS is trust, which is crucial to the protection of your data exchange. When you’re browsing the internet, authentication and security certificates used to protect your data are encoded with key identifiers, which link back to the company that created those certificates. There are a handful of trusted certificate brands that are known to current web browsers and computer/mobile systems. When your web browser validates a certificate and connection as being trusted and secure, your address bar will typically display a closed padlock icon and in many cases also display the “https://” address portion in green text.
Confidence also plays a role in our decision to select HTTPS over HTTP. It’s important that certificate providers have confidence in the website requesting a secure certificate from them. Vendors require that all persons requesting certificates be able to prove that they own or control the web URL being secured. Most vendors offer different varieties of certificates and each type can be better suited for different applications or needs. Since HTTPS provides additional security that HTTP lacks, certificate providers are more confident with the HTTP protocol.
Advantages of Software Hosting with CoreSolutions
One major advantage of CoreSolutions hosting servers is that they are only available to CoreSolutions clients, with whom we have built solutions for. As a result, they are more secure than servers that offer public hosting.
Furthermore, all solutions built by CoreSolutions are done so with well-known, trusted technologies. Our servers are crafted to optimally support our custom solutions, which eliminates the risk of unneeded packages and configurations entering the systems.
CoreSolutions also manages 100% of the backups for your solution, so you can rest assured knowing that your data will be safe with us.
In addition, all CoreSolutions built systems are run in a virtualized environment, which means that:
- The servers are not tied to the stability and life span of the underlying hardware
- Virtualization layers are not tied to the physical hardware but are self-contained within a small amount of files that are independent of the physical server and from other virtual systems
- They can be moved from one physical server to another very quickly and accomplished in real-time (with no downtime whatsoever!)
- Physical system resources are used more efficiently, since virtual environments have the ability to dynamically allocate memory and CPU resources between systems very efficiently and as needed by demand - this means that systems not using resources can be reduced, while others requiring a higher demand can be increased
Our hosting uses a custom Unix firewall system, protecting the entire collection of servers and resources. As we know our solutions in depth, we can create firewall rules and security control systems that are more geared to those solutions and employ a restrictive firewall policy.
CoreSolutions understands that your data is extremely important to you and we’re passionate about protecting it. We continually monitor security announcements from multiple sources, to ensure that we’re “in the know” on current security risks and trends.
Stay tuned for a follow-up to this blog, where I'll run through getting an SSL certificate from an offical vendor and setting it up to protect your website.
If you enjoy our Web Blogs, be sure to subscribe to our Core Web Newsletter!
And as always, thanks for reading!