Internet security requires a layered approach. No single layer provides 100% protection. Encryption ensures that no one can "listen in" on a conversation between a browser and a web server. However, hackers may be able to divert or send a user to a fraudulent site pretending to be yours. Your site visitors need to be assured that your site is exactly what it purports to be. That is what assurance is all about.

Does encryption plus assurance equal 100% protection?

Not quite. There have been some very rare cases where the certificate validation system has been compromised. More important, however, is that your network and web server must also be protected to ensure that hackers do not compromise web pages and page objects.

In addition to strong network firewalls, your site should undergo a regular vulnerability scan from a service such as Comodo HackerGuardian. HackerGuardian PCI Scanning is a vulnerability assessment scanning solution designed to achieve and maintain industry compliance and retain the ability to accept card payments. Using a secure online interface, administrators can remotely run scans to PCI standards on their externally facing IP addresses that touch the credit card acceptance, transmission and storage process.

Since a network is only as vulnerable as its weakest link, it is important that a company also use an Endpoint Security Management System, such as Comodo ESM. Comodo's new CESM 3 platform provides Comodo's top ranked anti-malware suite that proactively protects your servers, workstations, laptops and netbooks, while offering advanced, real-time management and control over critical system resources.

The bottom line is that securing your web site and protecting your customers begins with SSL encryption and assurance, but a comprehensive and layered approach is required for complete protection of your site.

Next: IN SUMMARY