1 Overview

How does bxp keep your communications secure?

When using bxp, all of the pages will swap you from a standard communication method (HTTP) to its secure equivalent (HTTPS). So in an identical way to your online banking, every communication is completely secure and encrypted all the way from your machine, straight though to storage of the data in the back end of the system.

bxp will swap you back immediately to HTTPS even if you try to manually circumvent the security.

In order to ensure the encryption is done properly a third party supplier verifies that the encryption is being done properly. Thawte is the company that provides this independent verification.

2 Technical definitions

2.1 Hypertext Transfer Protocol Secure

HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle attacks.

2.2 Thawte SSL Certificates

Thawte® SSL Web Server Certificates secure confidential information exchanged online and confirm your site’s identity to employees, business partners, and other users. When users click the Thawte® Trusted Site Seal or view certificate details, your organisation's name appears and shows that Thawte, a trusted certificate authority, has verified the site’s identity. SSL Web Server Certificates can include full organisation authentication details.

2.3 Thawte SSL Certificates Implementation

At AllnOne we will always attempt to keep as secure as possible with the latest updates. We are currently using a Thawte certified SHA-256 certificate on our web servers. The works along side our recently updated SSL/TLS cipher suite which does not support any old or obsolete ciphers. All DHE/DCHE ciphers have been updated to 2048 bit encryption to support forward secrecy.