You know just what a boon SSL can be to your business when it comes to keeping your transactions safe, ensuring that your sensitive information – such as credit card numbers, social security numbers and login credentials – is transmitted securely. Not only is it required by the Payment Card Industry, but it’s good business practice to make sure your customers’ information is safe and secure in transactions with your site. Encryption has an impact on the load time, and a wise site owner will work to find the best possible implementation to minimize the effect.
The impact of SSL in terms of speed and authentication is different from one environment to another. Factors include type and source of content, hardware and software tailored solutions such as outsourced transactions and through-put to traffic, whether and how the admin has preloaded pages. Additionally, with the industry switching SSL requirements to a larger minimum key size by 31 December 2013, site owners want to avoid a negative impact on page load time. Large businesses often just ‘throw money’ at the problem, setting up server clusters or additional virtual machines. This may or may not be the right answer for your environment, so now might be the time to start considering what other changes can help keep your website speedy.
There’s money on the table – the value of online sales in Australia is expected to reach more than $31bn this year (Experian, Nov 2012). E-commerce sites may well lose business if the page load is too slow – because quite often, when customers encounter slow response and long waits, they will go elsewhere.
So, what’s the solution? SSL Acceleration could well be it. One of the first methods used to address performance challenges is through the use of a hardware accelerator. This is a card that plugs into a PCI slot or SCSI port of the server and contains a co-processor that performs part of the SSL processing, relieving the load on the web server’s main processor. (This would be a good place to link to an example, or recommended brand?)
How good is it? The level of performance improvement you get with a hardware accelerator will vary from one vendor to another, but, if you really want to be in the fast lane, SSL acceleration is worth a look. Some vendors claim an increase in SSL processing capacity of 500% or above. You can add additional cards to the same server to step up capacity even more, and install dual cards for high availability and failover. Some cards also include additional functions, such as key management.
Finally, another way of accelerating SSL is to use a different algorithm, such as Elliptic Curve Cryptography (ECC). A Symantec ECC-256 certificate will offer equivalent security of a 3072-bit RSA certificate. Line these up against a 2048 RSA key (the industry norm) and ECC-256 keys come out some distance ahead – they are around 10,000 times harder to crack. Additionally, ECC can handle more users and more connections simultaneously, with lower latency increases than the RSA alternative at the same mid-range CPU volumes – all of which adds up to a more secure and swifter experience for your site visitors. To this impatient shopper, that sounds like good news.