Migrating from SSL to Secured Domains

What’s changing?

Previously, customers could choose whether they wanted to secure their pages and tracking links via SSL. The responsibility of procuring, maintaining, renewing, and securely sending the certificates to Marketo lie entirely with the customer – Marketo just hosted them. In 2017, Chrome and Firefox announced they would begin marking any unsecured pages with clear ‘NOT SECURE’ warnings in their 2018 releases to encourage the use of SSL, and even distrusted certificates from certain providers. This essentially designated the certificate as a foundational security necessity to prevent customers fleeing from unsecured sites.

This change reinforced the increasing need for companies to protect their data and mitigate against online security threats. Recent studies have shown that ~45% of organizations are targets of Distributed Denial of Service (DDoS) attacks, typically lasting a few hours, and potentially costing companies not only lost revenue, but also customer data and overall trust. [1]

Simply put, an SSL certificate just isn't enough anymore, which is why Marketo updated how we manage SSL certificates and the overall security of our customers' landing pages with the introduction of Secured Domains, a comprehensive managed service, in early 2018.

How is Secured Domains different than an SSL certificate?

In contrast to our previous solution, Secured Domains is less focused on the SSL certificate itself, and rather the security and performance benefits gained from our partnership with CloudFlare, an industry leader in secure solutions. Secured Domains not only includes the necessary SSL certificates, but, more importantly, provides robust security protection thanks to the investment made to secure our servers, which host Marketo landing pages, behind CloudFlare’s trusted security infrastructure.

With CloudFlare’s enterprise-grade tools securing our servers, we protect against security vulnerabilities and attacks on your Marketo pages.

• Managed Web Application Firewall (WAF): keeps your pages secure by filtering and deflecting malicious attacks
• DDoS Protection: keeps your pages live by absorbing attacks and preventing the pages (and Marketo's infrastructure) from crashing
• Content Delivery Network (CDN): a load balancer to distribute page views based on geolocation, which allows landing pages to load more quickly

Secured Domains also shifts the ownership of the SSL certificates onto Marketo, which eliminates the hassle of having to coordinate the procurement/management/renewal by Marketing & IT teams. Best of all, because our certificates automatically renew each year, Marketers no longer need to worry about landing pages crashing due to expired certificates. For more information, please see our Technical FAQ: Secured Domains for Landing Pages.

How do I learn more about Secured Domains?

If you’re an existing customer, please contact your Marketo Customer Success Manager to discuss. If you are unsure how to get in touch with your Customer Success Manager, please contact CustomerCare@marketo.com.

If you’re considering Marketo for your marketing automation solution and would like more information on Secured Domains and how it can improve your site security and performance, please contact GRP-Marketo-Sales@adobe.com.

NOTE: 

Due to the security and risk mitigation enhancements we've made to protect Marketo servers, all SSL certificates are now uploaded to CloudFlare. Marketo customers will be required to use the SSL certificates (authored by DigiCert) included with the Secured Domains offering unless an EV certificate is currently used or required by industry regulations (i.e. Banking/Healthcare/Government). As of September 2019, Secured Domains will be automatically included as a base solution in all Marketo subscriptions come renewal.

[1] Tim Matthews, Imperva, DDoS Impact Survey Reveals the Actual Cost of DDoS Attacks, 12 Nov. 2014