SSL is secure socket layer ie. HTTPS:// instead of HTTP://
Every web page that is sent via HTTP:// is in plan text and can easily be intercepted or even changed via what is know as "man in the middle" or "man on the side" attacks.
Mobile network provides often "improve" HTTP web pages by injecting their own scripts & images, often these unwanted "improvements" break the page being served. HTTPS prevents the carriers from being able to inject their own content.
Even when you only access the system via
Access Control Limits (ACLs) are the expression of the systems information security policies, they can be complex in their nature and vital to not only be correct but also to be seen as correct. The ACLs sanity checks allow for this business level visibility to the information security policies.
All sanity checks in the base product are run as part of the system build process which does not proceed if there are any failures.
The sanity checks allow for dummy data to be generated ( but not saved) and
The default SSL handler for the hosted sites has been upgraded to include "perfect forward secrecy" and we have dropped support for the weaker SSL ciphers.
The drop of the weaker SSL ciphers means old browsers such as Windows XP IE7 will no longer be able to connect via HTTPS. IE7 will still be able to connect to the non-encrypted HTTP sites or alternatively Windows XP users can use more modern browsers Chrome or Firefox.
HTTP Strict Transport Security (HSTS) has been enabled by default,