Weekly Tech Tidbit – Make Sure All Internet Facing Devices Use Commercial SSLs

November 16th, 2018
Weekly Tech Tidbit – Make Sure All Internet Facing Devices Use Commercial SSLs

This week's Tech Tidbit is short and sweet.

If you have a server or device that is internet facing, make sure you have a real, commercial SSL certificate on it.   Do not use a self-signed certificate.   I don't really care that it is just for "internal" use and you are smart enough to bypass the untrusted warning.

It is a matter of security and making sure that you don't have any areas of weakness.  I want you to examine your eternal network for possible SSL weaknesses.   Look for:

  • VPN connections
  • Web pages (they should be https: port 443 vs. port 80 http:) and have a valid commercial SSL.
  • Remote access servers
  • Security cameras

Nothing should touch the internet from your network (hopefully from your DMZ) that doesn't have a commercial SSL certificate attached.

If you need help sorting this out, let us know.