Today we are doing more online than ever before. From ordering groceries to checking bank statements and accessing health records, the internet has given us the freedom to organise our day to day lives from the comfort of our own homes, or even on the go.
That being said, sharing information online puts us in a vulnerable position if the site we’re using isn’t secure. Everyone has a right to privacy on the web and as a web owner, ensuring the privacy and security of your web users should be a top priority.
Thankfully, there are a number of precautionary measures you can take to secure your users’ data. As a first step, we recommend the purchase of an SSL certificate. And you’ll be happy to hear that the benefits extend beyond heightened security.
But first, what exactly is an SSL Certificate?
SSL Certs – HTTP vs HTTPS
Unless you’re an infrequent web user (which is doubtful considering you’re reading this blog), you’ll have noticed that some websites begin with HTTPS while others begin with HTTP or www.
You may also have observed that a green address bar and ‘secure’ label accompanies HTTPS website URLS, while non-HTTPS websites get the less lucrative info symbol or worse still, red danger sign.
Well the ‘s’ that separates these types of websites stands for secure and only appears if communication between your browser and the website is secured.
An SSL (secure sockets layer) certificate is used to encrypt communications between the user’s browser and your website. Without this certificate and a secure connection, all communications are in plain-text and could be easily read by an eavesdropper who has access to any of the network components between your website and the user’s browser.
The other purpose of the certificate is to verify the identity of the domain/owner of a website, reducing the risk from any potential phishing attacks, where fraudsters impersonate a website in order to obtain personal information.
Why do I need one now?
The vast majority of SSL certificates in use today are what are known as domain validated certificates. These certificates will warn the user if the domain name and the certificate do not match.
Before now, the focus of SSL certifications was very much on those businesses taking payments online, even with a payment merchant processing the transactions. But Chrome has made it their sole aim to help users browse the web in a safer fashion, regardless of whether they are browsing eCommerce sites or not.
Since January of this year, Chrome has been marking HTTP pages collecting passwords and credit card details as non-secure as a first step towards marking all non-HTTPS sites as non-secure. And as the most popular browser on desktop and mobile, it is vital that your website is not falling behind the standards set by the internet behemoth.
If you’re not already convinced that you need an SSL certificate for your website, here are a few other considerations:
An SSL certificate will not prevent your site from being hacked but it does prevent eavesdroppers from stealing usernames, passwords or credit card information that would otherwise be transmitted in plain-text. An SSL certificate reduces the risk for you and your customers by encrypting sensitive data in-transit.
Protecting your site from hacking requires a holistic approach to your security requirements of which SSL and data encryption is an important component.
The discipline of SEO can be difficult to master as it is not always clear. However, in 2014 Google rolled out a new search algorithm and has been favouring SSL certified websites ever since.
While other ranking signals still bear more weight when it comes to SEO, such as relevant content, if you’re competing for keywords and notice your competitor’s site is non-HTTPS, making the switch to HTTPS could result in your website outranking theirs in Google search results.
In the latest Chrome update, any non certified sites will be marked as ‘Not Secure’ and this warning will deter many potential prospects from engaging with you online. So while it is not compulsory, failure to add an SSL cert to your site will cost you potential prospects, eCommerce transactions and subscribers.
4. Website Conversions
According to GlobalSign, a web-trust certificate provider, 84% of website visitors surveyed said they would abandon a purchase if they knew the data was going to be sent over an insecure connection. Your site could be stirring up visitor anxiety causing your business to miss out on conversions from visitors who can’t decide whether they can trust the security of your website.
Extended Validation (EV) certificates provide further assurance to your visitors that the website they are visiting belongs to your organisation, thus leading to more website conversions.
What is an EV SSL Certificate?
In order to obtain an EV SSL Certificate, your identity must be verified by a certificate authority (CA). This is a thorough but straightforward process, and once complete, gives the user confidence that the site they are viewing is authentic.
Any website that has an SSL certificate will display a green address bar, and feature a secure label and lock symbol beside the URL. But websites with an EV SSL certificate also display the company name prominently in the address bar – a hallmark for security.
To see what an EV certificate looks like, visit the Software Design website.
What do I do now?
Adding an SSL certificate to your website is very straightforward and can be implemented quickly. Prices vary but we recommend going with an EV Certificate, the highest class of SSL Certification.
If you’re still uncertain about the benefits of SSL certificates, we can help you select the most appropriate level of certificate for your website and implement it accordingly. Call Aoife on +353 1 522 7690 or email firstname.lastname@example.org to discuss your options.