New cryptographic hole means companies will have to check on security
A new cryptopgraphic hole surfaced last week, according to Storefront Backtalk. The website said there are 500-to-one odds of SSL certificates or other keys being bad, meaning companies will need to be more vigilant in checking their online security precautions.
“This is one reason why the PCI SSC is spending a lot of time developing very detailed solution requirements for new technologies like Point-to-Point Encryption,” said RSA spokesman Rob Sadowski, according to the news source. “It’s not enough to have the best security tools if they are not implemented and deployed well.”
Sadowski said this should be a wakeup call to businesses that have previously been lax about PCI compliance and SSL certificates. Companies that are too relaxed about security have a much better chance of eventually experiencing a security breach, so they should take measures to make sure that does not happen.
One area businesses need to keep an eye on is actually registering their public encryption keys with the Certificate Authorities. If they aren't registered, a customer's browser cannot recognize the SSL certificates to check if they are valid, Storefront Backtalk said. This could cause many problems for eCommerce websites driven by sales.