Are you ready for the

new SSL landscape? Paul van Brouwershaven

Technology Solutions Director

About me Paul van Brouwershaven

Technology Solutions Director

What we provide

User, Machine &

Device

Authentication

Transport Layer

Security (TLS)

Code

Signing Secure

Email

Document

Signing

Identity and

Access

Management

Please open your browser!

• Let us know what you think!

• Scan the QR code and click to answer

globalsign.com/whd-vote/

It’s about you and

your customer!

SSL is dead

And has been for a long time

actually!

TLS & Hosting

GlobalSign and the Hosting industry

API

OneClickSSL

CloudSSL

SNI /

CloudSSL

Security is more than just TLS

• Phishing

• Spam

• Malware

• SQL Injections

• Cross Site Scripting (XSS)

• Authentication & Authorization

• Information leakage

• Storage

• ……

What priority level is TLS in your

security plan?

TLS and Identity

Assurance

Identity Assurance

Domain Validation Certificate

Extended Validation Certificate

• Shows who is behind the padlock

• Enhances trust and improves conversions

What prevents you from providing

certificates with identity

assurance?

Best practice

implementation

ALPN Session

identifiers

Best practices

Legacy

support

Compliance

Cipher

suites

OCSP

stapling

Forward

secrecy

ECC

SNI

Configuration

management

Server &

software

maintenance

HSTS

Legal

restrictions

Key

size

CT

Do you see the complexity of best

practices as an obstacle to

deploying TLS?

How often do you review your

TLS configurations?

Would you switch to a more

efficient ‘protocol’ even if it cost

you a percentage of visitors?

TLS by default

IoT growing requirements

Source: ariasystems.com

HTTP connections indicated as insecure

Source: httpvshttps.com

HTTP/2, SPDY Improves performance

Source: httpvshttps.com

Would you like to provide TLS by

default?

Questions?

Paul van Brouwershaven

paul.vanbrouwershaven@globalsign.com

Thank you!

Paul van Brouwershaven

paul.vanbrouwershaven@globalsign.com