During the week of 14th March, GlobalSign exhibited at World Hosting Days (also known as WHD Global) in Rust, Germany. This event is attended by many of our current and future partners and customers in the hosting and cloud industry. This, combined with the great networking possibilities, makes it a valuable event to be at each year.
From previous years we saw an increasing demand for mass deployment of SSL Certificates. Many hosting, cloud and SaaS providers are now looking for possibilities to benefit from the improved privacy and security, performance and SEO that you get for free when running a website over HTTPS. Frequently asked questions were around dynamic certificate loading, using TLS sessions in web hosting clusters and full automation.
We were pleased to see many of our partners in attendance. In conversations with them we found that they are starting to see more requests for EV SSL Certificates from their end customers. This is partly due to there being more awareness in the market, as well as customers now recognizing the benefits of differentiating themselves from the many websites that are secured with an automated, but limited Domain Validated SSL Certificate.
Encryption by Default Drives Differentiation Through EV SSL Certificates
In my presentation ‘Adopting the “Secure Everything” Ethos by Encrypting the Entire Internet’ on Wednesday 16th March, we had a quick look beyond standard website security.
Websites are internet services we all use on a daily basis, but we may not even realize that we use the internet to the extent that we do. From sending email communication, listening to music, turning on the lights, or even changing the temperature. The devices we use in our daily lives are all becoming interconnected and we should not forget the security impact that this has.
To use devices within the Internet of Things securely, strong authenticated end-to-end encryption is vital. Inevitably cloud and SaaS providers will participate in the IoT delivery chain, but what does this mean for them? When encrypting the entire internet, different solutions are required and millions of certificates would need to be issued in a short period of time. At GlobalSign we are prepared for this with our high volume certificate services, but the question is are you?
Encryption by Default Goes Beyond Websites
While at WHD, we also decided to run some Twitter polls, to see how businesses are reacting to the changing market. In the first two questions we asked businesses how many of their end customers were a registered business. This is important to the changing market as Domain Validated (DV) SSL Certificates are the only type of certificate you can purchase without having to prove you are a registered business.
What percentage of your customers are a registered business? #WHDGlobal— GlobalSign (@globalsign) March 15, 2016
When asking some of our customers about the market, they will often tell us that they would like to see a rise in Extended Validation (EV) or Organization Validated (OV) SSL Certificates, but this is difficult to achieve due to many of their customers having not registered their businesses.
How Do We Check Security Online?
We also asked Twitter users which activity they felt was most important to ensuring data security. Interestingly the majority of respondents said that checking a websites for HTTPS was most important to them. Perhaps this says a lot about the education of the public, as encryption for email and signing of documents were surprisingly less important. More often than not, it is actually emails and documents that contain the most sensitive information to people and businesses alike.
As a user, which of these activities do you think is most important when ensuring data security?— GlobalSign (@globalsign) March 17, 2016
We asked a similar question to WHD attendees in a research survey we had running during the event.
In this question we asked them to tell us which activities they partake in to ensure personal data security. Similar to our Twitter poll, respondents felt that checking a website for HTTPS ranked as the most common way to ensure security. Encryption of emails and signing of emails came way down the list, after two-factor authentication, whilst signing documents came after signing code.
Strong Website Security and Data Protection Requires More Education
We found that the top challenge facing attendees in offering encryption solutions to customers is education of customers (38%). In potentially upselling existing DV SSL Certificate customers to OV or EV SSL Certificates, the biggest challenge is that customers don’t see the added value. It seems that 43% of attendees who sell encryption solutions also find that customers are never concerned with encryption until something actually happens to them.
What all of these responses tell me is that there is a lack of education among end users. It seems users don’t understand the difference between levels of certificates and are not prepared to protect their data until something happens to them. At this stage it’s already too late, as data has been stolen and their brand has potentially been diminished. So what can we do in order to respond to this?
Content and digital are a great way of educating consumers globally, but it’s up to companies to decide if they feel this is their responsibility. What do you think?
On top of our research and conversations with people in the industry, we did have a lot of fun as well. Our team had a go on the WHD rollercoaster and enjoyed meeting some industry experts during the course of the three days.
We also had a prize draw. As we recently launched our new high volume certificate services, we arranged some high volume devices and drew a Beats by Dre headphone winner each day.
We would like to thank everyone for attending the event, visiting our stand, listening to our talk and asking some great questions. Thanks to you and the great team at WHD, WHD Global 2016 was an amazing event again!