Website Security - Protecting your drupal website and customers data.

Secure Sockets Layer (SSL) is globally known as the standard technology used to encrypt communications between  the client and a server. Mostly users on web server (Websites) and browser, mail server  and mail client (eg gsuite). SSL Certificates protect sensitive information such as credit cards information, social security numbers, and login information to be transmitted securely between the server and a customer using a drupal website. Protecting your customer's personal data including passwords, identity information is very important. Getting an SSL certificate is the easiest way to increase your customer's confidence in your online business.

Without SSL Certificate installed on a web server or mail server etc. The data sent from a web browser by a customer is transmitted in a plain text format which is dangerous to customers using a drupal website. SSL has helped to secure the communication of sensitive informations for millions of online transactions. It is strongly encourage to avoid using a drupal website without HTTPS. Websites with only HTTP are vulnerable to attacks. The purpose of getting the SSL is to establish trusted environment where potential customer can be confident in making purchases on a drupal website.

It is required by Payment Card Industry to have Secure Sockets Layer (SSL) installed on a drupal websites if it has login section, send or receive private information such as Credit Cards, Street Address, Phone Numbers, Health Records etc. Green bar with HTTPS is the validation needed when using a website. To increase the level of protection of customers interest, EV (Extended Validation) is highest level of authentication and was created to enhance customers confidence. Most customers

We will explore and audit a website security based on customer experience to determine where improvements are needed. This audit requires no technical skills beyond a web browser on a mobile phone, tablet or laptop computers. The result gathered from the audit can be handed over to to your IT Director, Web Developer or Administrator to enhance your website security.

Learning Objectives:

1. Participants will be able to research problems with their website security.

2. Participants will be able to identify problems with their website security.