GlobalSign News & Events

30 May 2013

Research Shows 50 Percent of Organizations Using GlobalSign SSL Configuration Checker Strengthened Website Security in 30 Minutes or Less

Over 80 Percent of the Top 100 Global Websites Received a Passing Grade for Their SSL Configuration

Boston, MA - May 30 2013 - GlobalSign, the enterprise SaaS Certificate Authority (CA), today unveiled findings from its first Quarterly SSL Configuration Evaluation, an analysis showing how effectively global organizations are implementing SSL (Secure Socket Layer) to protect their websites. The research evaluated thousands of website URLs of organizations that utilized the GlobalSign SSL Configuration Checker; many of these organizations were looking to assess the strength and quality of their SSL configurations. Statistics revealed that in the first quarter of 2013 over 6,000 sites used the tool to evaluate the effectiveness of their SSL, and 269 of those sites used the remediation guidance provided by GlobalSign to improve and, in some cases, strengthen the security of their sites within a matter of minutes.

Upon visiting GlobalSign's SSL Configuration Checker, powered by Qualys SSL Labs, organizations enter their website addresses and instantly receive a letter grade for their configuration. The grading system has three steps. First, the site's SSL certificate is examined to confirm that it is trusted and valid. If a server fails this step it is automatically given a zero. Next, the server configuration is tested in three categories: 1) protocol support, 2) key exchange support and 3) cipher support. Finally, a score between 0 and 100 is assigned to the site. The grading scale is as follows:

•     score ≥ 80 A
•     65 ≤ score ≤ 79 B
•     50 ≤ score ≤ 64 C
•     35 ≤ score ≤ 49 D
•     20 ≤ score ≤ 34 E
•     score < 20 F

The research revealed that 50 percent of 269 websites that used the GlobalSign SSL Configuration Checker strengthened the effectiveness of their SSL configuration grades in 30 minutes or less. Fifteen percent improved from a B, C, D or F to an A grade in less than two hours.

Notable statistics for the 269 improved websites:

•     172 organizations improved their grade to an A overall – 63%
•     113 organizations improved their F grade to an A, B, or C – 42%
•     95 organizations improved their B grade to an A – 35%

"The improvement in website security is certainly encouraging for us to see, but this is the absolute tip of a very big, fast-moving and dangerous iceberg," said Ryan Hurst, chief technology officer of GlobalSign. "Administrators can use the SSL Configuration Checker to greatly improve and remediate the security of poorly configured sites, but it is the awareness of this free and easy tool that we are trying to drive. Both small and large organizations with websites must adopt best practices, but first they have to identify the strengths and weaknesses of their sites' SSL configuration."

Alexa 100 Sites Evaluated:

In addition to the findings derived from inbound SSL Configuration Checker use, GlobalSign evaluated the SSL effectiveness of the Alexa Top 100 websites. The research revealed the following:

•     Over half (51%) of the websites received an A.
•     Twenty-five percent received a B and 5 percent scored a C.

These grades are proof that while just over half of the world's top sites, and the enterprises behind them, are providing effective security, there is ample room for improvement.

Overall SSL Configuration Checker Evaluation results of the Alexa Top 100:

For more information on the GlobalSign SSL Configuration Checker:

GlobalSign's SSL Configuration Checker is an online tool that allows any organization to evaluate its site's strengths and weaknesses by simply entering its domain URL and then clicking submit.

Share this article

Back to GlobalSign Newsroom

Media Relations

For further information on GlobalSign press releases,
events or for media enquires please contact:

Janine Marchi
Communications Manager
Call: 603-570-7060