Why expired SSL certificates put you at risk, and how KYND alerts these risks.
Renewing your certificates is important for your cyber security because it:
- Confirms and validates your website is authentically yours
- Ensures you have the latest version of encryption
- Maintains the integrity of your data during transfer, preventing "man in the middle" attacks
- Keeps you compliant with laws and regulations around data security
Certificate expiry periods can be as low as 90 days or up to 13 months. KYND's position is that shorter expiry periods are considered more secure as more frequent renewals introduce the latest version of encryption more frequently.
Most providers will also allow you to set certificates to auto-renew, which ensures you don't miss an update in encryption standards due to a missed manual update. KYND advises you to enable auto-renew on your certificates to prevent any lapses!
Note: If you enable auto-renew KYND will still alert to an expiring certificate as the expiry date approaches. This is because our scans are external only, and work of the visible expiry date. The auto-renew sits beyond the perimeter where it will not be picked up by KYND. As long as you are confident that your auto renew is working as accepted you can leave the risk, and it will update to GREEN when the new expiry date is made public.