Research done by RTL7 show that no less than 27 Dutch municipalities do not use a secure internet connection to process personal data. Ten of these municipalities even asked their citizens to provide their social security number. This is a 'special personal data' which, according to the Authority Personal Data, can only be processed on a secured internet connection. Special personal data are data that are so sensitive that its processing can seriously affect someone's privacy. Therefore, special personal data can only be processed under very strict conditions. A proper secure internet connection is crucial.
A secure internet connection with HTTPS
Since January 2016, the obligation to report data leaks has taken effect, which means that the processor of personal data will be held responsible if this data ends up somewhere public. By using a secure HTTPS connection it is prevented that privacy sensitive information gets into the hands of malicious users. The HyperText Transfer Protocol Secure, or HTTPS, is an expansion on the HTTP protocol that ensures a secure exchange of data. HTTPS will encrypt the data when it is being send, so it cannot be intercepted.
The encryption protocols Secure Socket Layer (SSL) and its successor Transport Layer Security have been developed mostly to secure communication (with HTTP) on regular internet pages, but has since developed into one of the standards for secure communication on the internet. Several disciplines can make use of the TLS protocol, like your browser, email or FTP server (FTPS). There are two different ways to encrypt data management through FTP: FTPS and SFTP (based on the SSH data). Both ways are more secure than a connection on FTP only.
There are different validation methods for SSL certificates: domain validated (DV), organisation validated (OV) and extended validated (EV) which can be recognised by the green address bar in the browser.
Sending encrypted emails
As described in this article, the connection through which an email is send can also be provided with the TLS protocol. By sending email on a secured connection, you can prevent others from accessing the message on the way. Important to note is that a secure connection only secures the transport. If you want to be sure that the content of the email is encrypted as well, you can use methods (like PGP or GPG) which allows you to provide your messages with a kind of cryptographic envelope.
BIT offers services on the secure versions of the protocols: HTTPS, FTPS, IMAPS and SMTPS. We can offer you several brands of SSL certificates. Every brand has a number of variants and with different price ranges. With shared hosting BIT offers a standard SSL certificate and SSL offloading on the loadbalancers.
If you have any questions regarding this article or if you would like more information on how to secure your internet connection in the best possible way, please feel free to contact us on firstname.lastname@example.org
or +31 (0)318 648 688.
By: Larissa Wiedeman