Welcome to the Banyan Theory blog, where we write about anything and everything related to insurance websites, including design, search engine optimization, and tips to improve your own site.
This is part of our Why HTTPS series.
Simply supporting SSL on your website isn’t quite enough. However, there are two easy and free things you can do to make your setup much more secure: require HTTPS, and enable HSTS. What do these mean? Read on to find out in this second post in the series.
This is part of our Why HTTPS series.
You may have noticed a strong uptick recently in the number of websites you visit that use HTTPS. Or you may have noticed that many companies, like Google and Safeco, have begun encouraging website owners to support HTTPS on their own websites. If you’re curious about the reasons behind this, and the reasons you should add HTTPS support to your website, you’re in the right place. This is the first of a series of blog posts I’ll be writing on the topic.
Web browsers have changed the way they handle non-HTTPS websites, and more changes are on the way. If you already have our Whole-Site SSL add-on, you’re covered. Otherwise, read on to see how these changes affect your website, and what to do about it.
We recently launched a new feature called Whole-Site SSL, which allows us to use SSL on every page of your website.
Before going any further, it’s important to first point out that every insurance website we have ever built and hosted has used SSL on the pages that collect sensitive information, starting with our first one in 2007. If your website is hosted with us, your forms are protected with SSL.
It’s been a little over a month since the Hearbleed bug was revealed. In case you missed it, I wrote an article telling you what you needed to know regarding your website and your Banyan Theory account login — mainly that they were not affected.
Now that the dust has settled, I’d like to explain how the bug works and how important it is that you change your passwords on other sites that were affected.
If you use Internet Explorer to browse the web, be aware that there is a dangerous new code-execution vulnerability. Microsoft has not issued a fix yet, making this a zero-day exploit (as in, zero days between the discovery of the vulnerability and the first attack).
All versions of Internet Explorer are vulnerable (6 through 11).
On Monday April 7, a new vulnerability called Heartbleed was revealed in OpenSSL, a software library widely used to protect websites served over HTTPS. The good news: the websites and apps we host were not impacted. The bad news: there are a great many websites and online services that were vulnerable.
Here’s what you need to know:
In its most basic form, here’s how a phishing scam works:
Sound like something you’d never fall for? Read on to be sure.
Java has not had a good 2013 so far, suffering from several critical security vulnerabilities in just the first few weeks of the year. The vulnerabilities are so dangerous that the Department of Homeland Security is advising people to disable Java in their web browsers.
Read on to find out how to keep your computers safe by disabling the Java web plugin.
We often receive the following request from our customers:
It’s time for our business insurance policy to renew, and the insurance company says our contact form is not secure. They will not renew our policy unless the form is secured with HTTPS. Can you help?
What your insurance company wants is to make sure any information your customers submit through your website is secure (encrypted in a way that it cannot be intercepted).
It may appear to the untrained eye that your contact form is not secure, but if we host your website, you can rest assured that it is. If you want to know how you can verify this, whether we host your website or not, continue reading…
If you have an insurance website from Banyan Theory, you’ll be happy to know that we’ve taken steps to protect your site from the upcoming end of the world (which, as the Mayans have told us, will occur on December 21, 2012). We want to ensure that your website will remain available in the off chance that anyone survives the end of the world and they need information about their insurance.
Over the past couple of years, we’ve been formulating ideas that would protect our servers from such a scenario. Here are our ideas:
