A recent report by Sandvine, a networking equipment company based in Ontario, Canada, shows that encrypted SSL network traffic has been rapidly growing. SSL encrypted traffic in North America, for instance, grew from 2.29 percent in 2013 to 3.8 percent in 2014, while Europe’s encrypted SSL network traffic usage grew from 1.47 percent to 6.1 percent over the same period, according to Sandvine.
SSL (Secure Sockets Layer) establishes an encrypted link between a server and a browser. When you visit a website with SSL, the site’s SSL certificate allows you to encrypt the data you send, according to security firm Symantec. Information sent over the Internet that’s typically encrypted includes credit card information, names or addresses.
Issues with SSL Encrypted Traffic
While most organizations today use SSL to secure traffic between multiple locations, the truth is that upgrading websites and applications to support SSL can take considerable effort, says Intel, a multinational technology company. “SSL is computationally intensive, and requires the server CPU to spend a considerable number of cycles encrypting and decrypting traffic,” the company says. “This negatively impacts the response times and latency that the user experiences.”
In addition, security issues begin to mount as SSL traffic rapidly increases. These challenges include the ability of security devices to inspect SSL traffic effectively, according to information security firm NSS Labs. With the rise in the use of HTTPS – and social media applications and search engines enabling SSL by default – blind spots can emerge that could possibly reduce security on corporate networks, since network security products and other defenses may not be able to monitor SSL traffic, NSS Labs says.
As it relates to malware, although only a small percentage of malware attacks are designed to attack using SSL, they can pose significant risks to an organization. “As more