Home » cyber security » Encrypting the Entire Web

Encrypting the Entire Web

When a small nonprofit declares a goal as lofty as encrypting the entire web, it can expect to be met with skepticism.

But a San Francisco-based organization – The Internet Research Group (ISRG) – appears to be making some substantial progress toward its vision of making the internet a more private place to be, one site at a time.

ISRG’s Let’s Encrypt campaign is helping to encrypt the web by making it easier for millions of sites to move from the unsecured HTTP protocol to the encrypted HTTPS protocol. The nonprofit is accomplishing this by acting as a certificate authority, which verifies the authenticity of a site and issues the certificate needed to make that site work with a user’s Web browser. While commercial groups offer these authorization services, Let’s Encrypt stands apart in providing them for free, supported by sponsorships from several leading tech companies. All told, Let’s Encrypt has aided in the encryption of approximately 3.8 million sites to date.

Encryption makes web traffic, communications and other data much more difficult to intercept and interpret, so it should be a fundamental part of the modern Web. And the Let’s Encrypt certification authority service can help organizations of any size achieve the encryption they need on the public-facing web, making traffic more private.

However, it’s important to understand that this is not the be-all-end-all solution for deploying encryption within most organizations. Full-lifecycle encryption – where data stays encrypted at rest on data services, in transit and in the cloud – is a must for any group that works with sensitive data.

Properly implementing encryption across a full data lifecycle and ensuring that it functions effectively is easier said than done. There are several common pitfalls when it comes to making encryption work, including choosing the right configuration and FedRAMP. But there are also numerous solutions for overcoming them.

Lunarline offers a range of services to help organizations achieve the encryption they need, from cyber security courses on encryption management to assessment services evaluating encryption effectiveness.

For more about these and other services that can help your organization enhance its privacy and cyber security, visit Lunarline.com or request a call with someone on the Lunarline team.





About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.