Monday, October 10, 2011

What is SSL and how does it work?

This is a guest post by Eric Greenwood from

Businesses shopping for online storage often ask about SSL, an acronym that appears on many secure websites. SSL, also known as Secure Sockets Layer, is the widely trusted acronym accompanied by a logo that represents a website that uses code keys to safeguard its files. As a general rule, businesses should not store files on an online server, even a well-known service like Apple’s iCloud, unless the online server protects their files with an SSL certificate.

The SSL certificate is a piece of code that indicates that the web server is trusted by an independent source known as a certification authority. It serves as middleman between each web browser and the server, to verify that only these two computers are accessing the private files and information.

In this secure online storage system, the web browser and the server are communicating with each other through a complex form of code key encryption. In order to keep this communication secure, the first letters of the web address switch from "http" to "https."

By making a simple switch to an https protocol, the computer can now send a public key and an SSL certificate. The public key is code that is used to encrypt the files so that they can transfer from one computer to another. However, no one can access the public key unless they are sending the same SSL certificate. It identifies that each computer is exactly what they say they are. This is a safety procedure that ensures that no private information is leaked out to hackers or identity thieves.

Unfortunately, not every service actually uses SSL effectively. For example, Dropbox's cloud storage uses a single, unchanging code key that anyone could use to access other people's file accounts. Files and information can easily be stolen by people with enough hacking skills.

Other people could also steal the files if they use that person's computer when he or she isn't looking. The computer can stay logged in to the Dropbox account, because the computer automatically saves a user's password so that the user doesn't have to type it in every time. Although people can open the Dropbox efficiently, other people could just as easily steal those files if the computer is still logged into Dropbox.

Thankfully, people can find many safer alternatives to using Dropbox. One of the more highly acclaimed services, SugarSync, secures all of its file transfers by using SSL. It also frequently backs up the transferred files onto multiple servers, so that people will not lose their files if a server shuts down for maintenance.

SugarSync even takes advantage of 128-bit AES encryption. This form of encryption is nearly impossible for hackers to crack, because of the complex calculations involved in the encryption process. In this respect, SugarSync is probably one of the more secure storage servers in cyberspace.

If people are looking for alternative services, many of the best storage sites use SSL certificates to protect themselves from data thieves. Whether people are using OpenDrive or Mozy, they can sleep safely as long as their files are stored on a service with SSL encryption.

About the Author
Eric Greenwood is a self-proclaimed techie that blogs about a plethora of online storage and data backup options. You can find more of his posts located at