What is SSL & SSH, and do I need them?

SSL and SSH are both terms you are likely to either have come across in the past or will come across in the future. Both are abbreviations for achieving secure data transfers.

SSL

This stands for Secure Sockets Layer, and commonly uses Port 443 to connect your computer to a secure server on the Internet. SSL is commonly used for the transmission of sensitive data on the Internet such as Credit Card details, Tax, Banking and other Personal Information – usually to a business, such as an e-commerce retailer.

SSH

This stands for Secure Shell and commonly uses Port 22 to connect your computer to another computer on the Internet. Usually, SSH is used by a network administrator for things like remote login, where the administrator can login to a company network from home and carry out tasks such as rebooting the email server or resetting passwords.

Why?

The purpose of both SSL and SSH is to create a confidential connection across the World Wide Wed. It is generally not possible for a regular hackers to break into an SSL or SSH connection, except in only very few circumstances, and the method used for encryption is as reliable as it can be.

If you are required to transmit any kind of sensitive data using the net then it is advisable to do so using either SSL or SSH as data transfer is scrambled into a meaningless result to anyone who intercepts that information other than the two computers directly involved in the sending and receiving process.

How?

From the point of view say of a customer to an e-commerce website who is going to make a purchase, SSL is more than likely something they aren’t even aware of. The sign that the website uses SSL is that the beginning of the web address will start https:// rather than http://.

When the customer makes their payment and submits their details this process will normally be processed via https:// and the process before it, where they simply choose the product they want to buy, is likely to only use http://.

Cost?

To this e-commerce customer there is no direct cost. They simply shop in the normal way, as they would expect to.

However, to the merchant there will be a cost to the use of SSL. This cost will vary depending on their web host, with some hosts charging a monthly fee and others opting for an annual subscription. Either way, SSL is generally ordered via your web host.

Summary

If you are required to collect sensitive data on the web, or need to transfer that data between computers or servers then privacy legislation means that you have a first hand responsibility to safeguard it.

As such, the use of SSL and SSH is highly advisable. At the very least, if you are using SSL and there is still a breach of security with regard to the transmission of that data, then you are at least seen as having taken all necessary precautions to safeguard the data whilst it is in your possession.

Leave a Comment