The privacy and security of customer data is of high importance at Murphy Insurance Agency. We have implemented procedures, security devices and data access controls to prevent unauthorized access. So that you can verify that you are connected to the Murphy Insurance Agency website(www.dfmurphy.com) when sharing information with us, we use Comodo’s SGC SSL Certificate with up to 256-bit SSL encryption. It protects the information you submit when using our interactive online forms for quotes, claims and other requests. NOTE: Our online Auto Insurance Quote form is powered by Boston Software through an embedded link. Boston Software provides its own 128-BIT SSL Security encryption for this specific form to protect submitted information. This SSL encryption is a different platform separate from the Comodo SSL Certificate used for other forms on our website.
What is SSL and how does it protect you?
What is SSL?
SSL, which stands for Secure Socket layers, is a today’s standard security protocol for securing communication and transactions over the Internet. It provides confidentiality and data integrity operates between a browser and a Web site by using cryptographic techniques. When used with a third-party-issued certificate it can report trustworthy information to browser and it’s user about the Web site to authenticate.
When a browser user wants to send information to a website, the browser accesses the Web server’s digital certificate to obtain it’s public-key, which is used to encrypt the data sent over the Internet. Since the Web server is the only one with access to its private key, only the server can decrypt the information creating a secure pipeline to transmit data.
What is a Certificate?
A certificate (more properly called a public-key certificate in this context) is an electronic document that is signed by a certification authority, such as Comodo, asserting the binding between identifying information and a public key that can be used to authenticate the entity to which the identifying information applies. A standard certificate typically includes a variety of information pertaining to its owner and to the certification authority that issued it. As a minimum, the identifying information includes a domain name, and the browser verifies that the URL displayed in its address bar is in the domain identified by the certificate. The certification authority’s public key can be used to verify its signature on a certificate. If the certificate is valid and the domain it contains includes the URL displayed in the browser’s address bar, then the browser will display a padlock icon.
What is a certification authority?
A certification authority is a trusted third party that issues certificate. It validates the certificate holder’s identity and “signs” the certificate so that it cannot be tampered with. On the Web, certification authorities are typically separate business entities whose public keys are provisioned to the browser by the browser supplier. The certification authority accepts requests for certificates from website operators who provide the identifying information that they wish to have included in the certificate. The certification authority verifies the accuracy and applicability of the identifying information before including it in the certificate and returning it to the Web site operator.
How an SSL connection works
- A person uses a Browser to connect to an SSL-protected website (URL starts with https).
- The website Server authenticates by presenting its certificate and the cryptographic proof that it has the associated private key to the Browser.
- The Browser verifies the signature to determine if the certificate is trustworthy. As long as the certificate is signed by one of the browser’s trusted Certificate Authorities the secure connection starts.
This process takes just seconds and is typically transparent to the users. If there are concerns matching the identity, a trust dialog would be presented to alert the User to any concerns.
How can I tell if my website connection is secure?
Websites using an SSL certificate display a secure URL starting with https rather than http on secure pages. Also, the browser usually displays a padlock or key in the lower corner of the window when the page is secure. When running in normal mode, the padlock/key will be broken or may not be displayed. Once an SSL connection is established and secure mode is enabled, the padlock/key will be closed or be displayed.
On pages of our site that provide general information, the padlock icon on your web browser may not appear or will not show as locked. The closed padlock or key will appear on encrypted pages that request or display specific information about you.
Your security role. Keeping your information safe.
While we use a variety of measures to protect your information, your actions also play a key role in keeping your personal information secure.
There are a variety of things you can do to enhance your online security including:
- Use current software versions and keep your software up-to-date with regular download of updates and security patches.
- Use anti-virus software and download updates frequently.
- Use anti-spyware software and download updates frequently.
- Use an Internet firewall (hardware or software).
- Update your browser to the latest version and make sure it uses strong encryption (at least 128-bit).
- Follow recommendations from your computer manufacturer, operating system and other vendors to protect your computer from unauthorized access.
- Protect your wireless home network. Default settings are not normally secure so follow instructions or contact the vendor enable security measures.
- Clear your browser’s cache and temporary Internet files.
- If using another PC or connecting to a wireless hot spot, verify their security measures and use caution in sharing any private information.
Use care when sharing personal information.
Beware of phishing. Phishing is use of mass e-mail messages or other means that claim to come from a legitimate business. Often, emails contain links to phony Web sites where you are asked to provide personal information such as passwords, credit card numbers, social security numbers, etc. Never supply personal information by e-mail, telephone or mail unless you have initiated the contact yourself or know with whom you dealing.
We use Comodo SSL so that you can always verify that you are connected to Murphy Insurance Agency and can look to make sure that the site is in secure mode when sending personal information via the Internet.
You can learn more about phishing at www.antiphishing.org or www.consumer.gov/idtheft/.
E-mail from Murphy Insurance Agency. Murphy Insurance may use e-mail to communicate with you since it is a convenient and often preferred method of communication by many individuals and businesses. We take seriously the importance of protecting your information. When it comes to communicating with you by email, Murphy Insurance utilizes specialized technology to identify emails initiated by us that contain personal information as defined by Massachusetts Standards for the Protection of Personal Information of Residents Law (MA 201 CMR 17) and HIPPA.
Emails being sent to you are scanned for regulated information. If an email contains such information, it is transmitted to your own Murphy Insurance secure mailbox that is password protected and encrypted. You will receive a notice through your regular email provider that you have secure mail from Murphy Insurance. You can then login to your personal secure mailbox to review and respond to any messages. Learn more at dfmurphy.com/securemail.
E-mails you send us using your regular email provider is NOT secure. While our online interactive forms and emails sent using our secure mailbox are secure, Murphy Insurance cannot guarantee the confidentiality of information you send to us through your regular email provider since it is not encrypted. You can use your Murphy Insurance uses secure mailbox to send us emails containing personal information. Visit dfmurphy.com/securemail for details.If you have questions about an e-mail you receive from us or about using your secure mailbox, please contact a trusted associate at 800 222 8711.