Herald switches to Sioux secure server

We are pleased to announce that Herald Information Systems will shortly be switching across to a more secure Web server, offering encryption for Web transactions so that the information exchanged cannot be read by eavesdroppers and certification to give your customers peace of mind that they are connecting, and sending their data, to the right place. Currently we are in the final stages of testing, and we expect the final cut-over to take place within the next few weeks.

Current software

At the moment Herald's site runs the CERN Web server. While the CERN server was one of the best available this time last year, little development has been done since. In the fast-moving world of the Internet, this means that it has begun to lag behind other, more current, servers, and thus it is time to change.

The Sioux server

The Sioux server, to which we are switching, is based on the popular Apache server (currently used on over 50% of UK commercial sites, according to the Netcraft survey for July [1996] -- see for more details). However, it also offers security features which Apache does not; specifically, it supports secure transactions, and X509 digital certificates for proof of identity.

The benefits to you

For those of you who wish to take orders over the Net, and may have found that people are reluctant to send their details online, the availability of a secure method of accepting information may help people to feel happier about sending you the information you require to process orders.

Moreover, the presence of a secure transmission facility, even if they decide not to use it, shows that you are serious about doing business online.

What do I need to do?

Firstly you need to consider how to get the data sent from our server to you. Having the data encrypted between the user's Web browser and our server is of little use if we then turn round and send it as unencrypted email. This may mean that you will need to install some extra software to work with your mail system.

Alternatively, if you have a fax machine we can fax you the data directly from our server.

We can advise on what software you may need, and on the design and construction of online catalogues.

We hear a lot about Netscape servers. Why aren't you using Netscape?

Netscape's servers have one major disadvantage for non-US sites, and it is shared by most secure servers currently available. Because the US classes encryption software as a 'munition', the regulations currently in force prohibit the export of software capable of better than 40-bit encryption. With advances in hardware and software appearing at today's rates, we do not believe that 40-bit encryption offers sufficient security for clients wishing to accept credit-card transactions, so therefore it is necessary to look for servers from non-US companies.

What's a digital certificate?

When sending sensitive information across the Net, most people would like some assurance that it is being sent to the correct place. A digital certificate helps to achieve that, because it gives assurance that an independent third party has agreed that the server concerned belongs to the company to which it claims to belong. (Generally, to acquire such a certificate, a company must produce proof of its right to trade under that name -- company registration documentation, for example -- proof of its right to use the domain name concerned, and a signed letter from an official of the company certifying that they wish to be issued with a certificate.)

For more information

If you would like to know more about our secure server and how we can help you to do business online, please contact us by any of the methods shown on the back page [or, for the Web-based reading this, find our contact details here].