Best Practices

Creating, promoting, and following best practices help enhance online safety, data security, privacy, and brand and consumer protection. Organizations of all sizes should apply these efforts, following a review of their respective legal, regulatory, and compliance requirements.​

Best Practices: Infrastructure Security
Improving Technical Security 16 April 2019

Best Practices: Infrastructure Security

Optimize TLS implementation using information gleaned from public tools. This includes eliminating use of insecure ciphers and older, insecure...

Best Practices: Privacy
Privacy 16 April 2019

Best Practices: Privacy

Basic Notice/Disclosure Make sure the privacy statement has a link and is easily discoverable from the home page. Place...

Best Practices: Email Unsubscribe
Building Trust 28 November 2018

Best Practices: Email Unsubscribe

Email is a vibrant channel for marketers to connect with consumers on many fronts, providing an important value exchange...

Best Practices: Enterprise IoT Security Checklist
Internet of Things (IoT) 17 April 2018

Best Practices: Enterprise IoT Security Checklist

The Internet of Things (IoT) has found its way into all aspects of our lives. In particular, consumer IoT...

Best Practices: Cyber Incident Response Readiness
Security 25 January 2018

Best Practices: Cyber Incident Response Readiness

Complete risk assessments for executive review, operational process and third-party vendors Review security best practices and validate your organization’s...

Best Practices: Botnets
Building Trust 2 October 2017

Best Practices: Botnets

About Botnets A “bot” or “botnet” is a program installed on a system to enable that system to automatically...

Best Practice: Extended Validation Certificates (EVSSL)
Building Trust 2 October 2017

Best Practice: Extended Validation Certificates (EVSSL)

We increasingly live, interact, and do business online, making the concept of online trust more important than ever before....

Best Practices: Certificate Types
Building Trust 2 October 2017

Best Practices: Certificate Types

E-commerce has grown at exponential rates, with consumers recognizing the convenience of purchasing online and making secure and private...

Best Practices: Email Authentication – SPF, DKIM, and DMARC
Building Trust 2 October 2017

Best Practices: Email Authentication – SPF, DKIM, and DMARC

Email security, authentication, and related best practices are the foundation of the Internet Society’s Online Trust Alliance work to...

Best Practices: Consumer IoT Information & Resources
Internet of Things (IoT) 1 October 2017

Best Practices: Consumer IoT Information & Resources

The Internet of Things is changing the way we live, from increasing our energy efficiency (and saving money on...

Best Practices: Mobile App Privacy & Security
Building Trust 1 October 2017

Best Practices: Mobile App Privacy & Security

As mobile usage and application development continues to grow, the need to adopt best practices in data security, app...

Best Practice: Always On SSL (AOSSL)
Building Trust 8 July 2017

Best Practice: Always On SSL (AOSSL)

Trust and consumer confidence is the foundation upon which the Internet has been built. A core element of that...