Why are security features necessary?
Security is a basic requirement because the Internet is inherently not secure. Millions of computers form a public network where communications can be intercepted. As data moves from sender to receiver, it almost always has to travel through several other connections. This is called routing. During routing, computers other than the sender and receiver can access the data. Even computers not directly involved in routing can access the data. Security is therefore a critical component of any extranet application.

What are the basic security risks of Internet communications?

Sending data across a network involves three basic security risks:

  • Eavesdropping - intermediaries listen in on private conversations (one computer talking to another).
  • Manipulation - intermediaries change information in a private communication.
  • Impersonation - a sender or receiver communicates under false identification.
The situation is analogous to purchasing mail-order goods over the telephone. Mail-order shoppers want to know that no third parties can hear their credit card number (eavesdropping); that no one can insert extra order information or change the delivery address (manipulation); and that it is actually the mail-order company on the other end of the line and not a credit card thief (impersonation).

To what degree can SSL security features protect me?

The Internet is inherently not secure. No security method can make claims of impenetrability. Microsoft browser products encrypt communications using SSL 3.0, the latest version of the widely accepted Internet channel encryption standard. CSI encourages the following steps to improve our users' protection:

  • Always use the latest versions of software.
    Regardless of vendor, users of network software like Microsoft Internet Explorer should always ensure that they have the latest version of an application. The discovery of a security flaw is one of the most significant reasons for vendors to release new versions of software.
  • Use the highest security version of your software.
    Microsoft customers who are U.S. citizens or permanent residents can download the export-restricted version of their favorite browser software, and Canadian customers can order it from Microsoft. These browsers use a 128-bit key that provides stronger security than the 40-bit key offered in the export-version browser.
How do I know when my browser is operating with security features?

There are two ways to tell if your browser is operating with security features:

    First, your Location Bar should show a Uniform Resource Locator (URL) that uses an https: address, as opposed to an http: address.

    Second, the Microsoft browser will provide an icon in the browser window frame indicating that you are viewing a secured page.

    Microsoft Internet Explorer 7.0 and 8.0
    The presence of a gold lock icon in the bottom right of your Explorer window will indicate that you are viewing a secure page. To review security features, double-click the icon.

ATTENTION users of Microsoft Internet Explorer 9.0 and higher
For best results, users of Internet Explorer 9.0 or higher should set their browser to IE8 compatibility mode. We have found that the site will not work correctly for some users without this setting.