1 Overview

How does bxp keep your communications secure?

When using bxp, all of the pages will swap you from a standard communication method (HTTP) to its secure equivalent (HTTPS). So in an identical way to your online banking, every communication is completely secure and encrypted all the way from your machine, straight though to storage of the data in the back end of the system.

bxp will swap you back immediately to HTTPS even if you try to manually circumvent the security.

In order to ensure the encryption is done properly a third party supplier verifies that the encryption is being done properly. Thawte is the company that provides this independent verification.

2 Technical definitions

2.1 Hypertext Transfer Protocol Secure

HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle attacks.

2.2 Thawte SSL Certificates

Thawte® SSL Web Server Certificates secure confidential information exchanged online and confirm your site’s identity to employees, business partners, and other users. When users click the Thawte® Trusted Site Seal or view certificate details, your organisation's name appears and shows that Thawte, a trusted certificate authority, has verified the site’s identity. SSL Web Server Certificates can include full organisation authentication details.

2.3 Comodo SSL Certificates

Comodo® SSL Certificates secure and protect company and customer transactions for online businesses. Comodo’s root certificates are embedded in all major browsers and devices and are trusted by 99.9% of the Internet population.

2.4 Thawte SSL Certificates Implementation

At AllnOne we will always attempt to keep as secure as possible with the latest updates. We are currently using a Thawte certified SHA-256 certificate on our web servers. The works along side our recently updated SSL/TLS cipher suite which does not support any old or obsolete ciphers. All DHE/DCHE ciphers have been updated to 2048 bit encryption to support forward secrecy.

2.5 Comodo SSL Certificates Implementation

We are currently using a Comodo certified SHA-256 certificate on our email server. Each SSL certificate is signed with NIST recommended 2048 bit signatures and provides up to 256 bit encryption of customer data.