> GlobalSign, Europe’s leading Certificate Service Provider offering digital certificates and co-sourced PKI solutions, has announced the availability of CorporateSSL a new SSL Server Certificate model. CorporateSSL allows organisations to issue and manage their own SSL server certificates, based on a unique license model that encourages a policy to secure every web server with an SSL server certificate by default.
SSL server certificates prove the identity of an organisation and make sure that all communication between the user and the organisation’s web server or web application happens in a complete encrypted confidence. “Security is not only about being secure. It is also about being visibly secure,” said Johnan Sys, general manager of GlobalSign. “SSL server certificates offer a visible, trust-building solution. The little padlock that appears at the bottom of the browser when a web server is protected with an SSL Server Certificate, assures the end-user that the organisation on the other side is indeed the company it claims to be, and that this organisation takes security seriously.”
Although the advantages of using SSL server certificates are obvious, many organisations still operate without them. Market research conducted by GlobalSign in the United Kingdom and the Netherlands reveals that the most important reason for not using SSL server certificates is the fact that acquiring and renewing SSL certificates takes too much time and is perceived as expensive. For each SSL server certificate an organisation has to go through an extensive registration and verification process with the Certificate Service Provider of its choice, as well as renew the certificates each year. This alone consumes a substantial amount of administrative time and cost.
In addition, Certificate Service Providers charge a fee per ‘fully qualified domain name’, which is the combination of a hostname (www, ftp, support) and a domain name (company.com, company.net). Organisations that want to secure e.g. both www.mycompany.com and support.mycompany.com, will need to purchase two SSL server certificates. Consequently, a policy of installing an SSL server certificate on every server can be highly expensive.
“We recommend installing an SSL server certificate on every corporate Web server,” continued Sys. “To make this more cost-effective, with CorporateSSL we have introduced a pricing scheme that only charges per domain name. In practice this means that for a flat fee, an organisation can issue as many SSL server certificates as it requires for a pre-defined number of domain names. Furthermore we allow organisations to issue, revoke and renew their certificates whenever it is convenient for them, rather than having to wait until the individual certificate expiration dates significantly lowering the total cost of ownership.”
CorporateSSL allows an organisation to issue and manage its own SSL server certificates, eliminating the need to involve a third party Certificate Service Provider in the routine administration. Certificates issued through CorporateSSL carry the same level of trust as those issued by GlobalSign itself. They are covered by the same insurance (GlobalSign Liability Program covering up to EUR37,500), have the same profile and are issued under the same conditions as described under the GlobalSign Certificate Practice Statement. Each SSL server certificate includes a Web seal ‘Secured by GlobalSign’ that asserts the security verification and certificate status.
GlobalSign is Europe’s leading Certificate Service Provider offering digital certificates and co-sourced PKI solutions. GlobalSign’s digital certificates allow individuals and businesses to secure e-mail communication, to conduct fully authenticated and confidential online business and to set-up trusted software distribution. GlobalSign also offers CorporateRA(tm), an out-of-the-box co-sourced PKI solution and a unique service called RootSign(tm) for corporate Certification Authorities who do not have their Root Certificate embedded in popular browsers.
GlobalSign’s public root key is embedded by default in all major Internet applications such as e-mail clients and browsers. Consequently, GlobalSign certificates are globally accepted and are not limited by any application, geographic area or business sector. Furthermore GlobalSign is one of the few Certification Authorities in the world that attained the WebTrust accreditation level. GlobalSign is part of the Ubizen group. Ubizen has a majority stake of 91% in GlobalSign.