Study shows that the free tool has been highly effective for many organizations

May 31, 2013 08:18 GMT

Back in November 2012, SSL certificate provider GlobalSign released a free online service called the SSL Configuration Checker. The tool is designed to allow organizations to test out the strength of their SSL configurations.

The service tests protocol support, key exchange support and cipher support. Based on the results, a score between 0 and 100 is assigned to the website.

If the score is greater than or equal to 80, the site gets an A. If the score is greater than or equal to 65, the website gets a B. For scores greater than or equal to 50, 35 and 20, the website receives a C, D or E, respectively.

For less than 20 points, the site gets an F.

In the first quarter of 2013, the GlobalSign SSL Configuration Checker was used to test over 6,000 websites.

The administrators of 269 of these websites have used the remediation guidance provided by GlobalSign to improve their website security. 50% of them managed to strengthen their SSL configuration in 30 minutes or even less after following the guidelines provided by the enterprise SaaS Certificate Authority.

Furthermore, 15% of them managed to improve their grades from a B, C, D or F to A in less than two hours.

The figures show that of the 269 sites, 172 improved their grades to A; 113 organizations improved from an F grade to A, B or C; and 95 organizations strengthened their configurations from a B grade to an A.

“The improvement in website security is certainly encouraging for us to see, but this is the absolute tip of a very big, fast-moving and dangerous iceberg,” said Ryan Hurst, chief technology officer of GlobalSign.

“Administrators can use the SSL Configuration Checker to greatly improve and remediate the security of poorly configured sites, but it is the awareness of this free and easy tool that we are trying to drive. Both small and large organizations with websites must adopt best practices, but first they have to identify the strengths and weaknesses of their sites' SSL configuration.”

As far as Alexa 100 websites are concerned, the SSL Configuration Checker shows that 51% of them get an A. On the other hand, 25% received a B and 5% scored a C, which indicates that there’s still room for improvement.