Posts

What Is a SSL Certificate, and Why You Need One

As a website owner you’ve probably heard the words “SSL certificate” getting thrown around a lot. When you’re first getting your website built all of this technical jargon can seem like you’re trying to learn another language.

However, if you plan on having your customers input their private information online, then you need to utilize the additional security measures provided by an SSL certificate. Below we highlight what an SSL certificate is, how they work, and what situations it would be smart to encrypt your website with SSL.

What is an SSL Certificate?

Confidence is so important on the Internet. Any site that acquires a reputation for unreliability, insecurity or dishonesty can expect to see traffic dwindle to zero. On the other hand, a site that can prove it takes security seriously can attract more visitors. And that can be good, whether your hosted web site is for a community, a membership service, or e-commerce. Surfers and online shoppers also increasingly recognize the on-screen presence of a small padlock icon or a website address that begins with “https://…” as signs that they can trust the site they’re connecting to. That’s SSL or ‘secure sockets layer’ in action.

The biggest reason websites use SSL is to protect sensitive information that’s sent between computers and servers. If information like credit card numbers, passwords, and other personal information isn’t encrypted this leaves it open for hackers to easily step in and steal the information.

With the SSL certificate. your information is unreadable to anyone who attempts to steal it. The only people able to decipher it are the intended recipients at the other end of the connection.

With an SSL certificate, your customers can do business with you knowing that their information is going to be safe from identity thieves and potential hackers.

Read this article why Google punishes websites which are not secure.

How Does an SSL Certificate Work?

SSL operates between a visitor’s browser and your site or application. It’s an industry-standard mechanism that ensures the encryption of data being passed backwards and forwards, so that no unauthorized person can spy on the information and hack it. It also prevents cyber criminals from diverting visitor traffic to their own site using their own encryption, and gaining access to your data that way. All major web browsers have SSL capability built in.

SSL certificates add an additional level of security between your website and the information visitors are sharing. They protect your website in two main ways:

1. Enabling Encryption

It can be scary to share your personal and financial information online. A lot of people prefer to use large-scale eCommerce sites like Amazon, because they feel much safer and protected. With an SSL certificate sensitive data will remain encrypted and secure, thus providing your customers with a sense of relief.

2. Verifying the Identity of the Site Owner

The SSL credential identifies the owner of the website, and create an additional layer of trust. Put simply, your customers will know with whom exactly they’re doing business.

Before the certificate can even be issued the identity of the website owner has to be verified through multiple methods. With digital communication it’s often difficult to determine the person on the other side of the connection, but with an SSL certificate you can be sure you’re doing business with your intended recipient, and vice versa.

Do I Need an SSL Certificate for My Site?

An SSL certificate can help to build trust between your visitor and your website. Building trust online is all about giving subtle cues to your visitor that you can be trusted.

By having the little green lock on the browser bar, you’re guaranteeing to your customer that your site can be trusted.

If your website requires the exchange of any personal information, then you might want to consider getting an SSL certificate. If your user is required to enter their credit card information, then an SSL certificate is almost mandatory.

However, you don’t always need a sitewide SSL certificate. Since going through multiple levels of encryption can slow down your website it may be disadvantageous to have certain pages of your site encrypted. There’s also a decent cost involved in order to get your site verified and operating effectively, so this also has to be considered.

If you’re doing business online and are exchanging sensitive information with your visitors, then an SSL certificate will provide an additional layer of security, while increasing your trustworthiness.

Artkenya includes SSL certificates with our ‘Managed Web Hosting’ plans. Whether you need SSL encryption for your eCommerce site or something else, you can secure your site today.

Is it necessary for a new WordPress blog to use SSL?

By Sandra Jocic, Digital Marketing Manager at theiuvo.com

Google’s intention to debunk and penalize potentially unsafe websites is going further.

The recent Chrome 56 browser release introduced a novelty, making sure that non-techie users understand that the green padlock hanging in the left-hand corner of the address bar is not a mere gimcrack, as many users perceived it so far.

Google announced the change last fall, and there it is.

 

There’s hardly a possibility to ignore or misinterpret the “Not secure” label that now hangs on the websites without the safe protocol. A few visitors to a flagged website might understand that this means it simply lacks the SSL certificate – but if they weren’t about to enter any confidential info, it would still be OK for them to hang there. However, a great majority will probably take it for an alarm and just make a U-turn from the website, not willing to take any risk.

HTTPS became a ranking signal on Google as early as 2014, but these days the new Chrome version showed us that they are serious about boosting the “HTTPS everywhere” campaign. They started penalizing all non-secure websites, rather than just rewarding the secure ones, as before. By some estimations, this means that up to two thirds of all the websites on the Internet will suffer the consequences.

Which is fair enough. If you are ignoring your website’s and its visitors’ security, the search engines (and therefore, the users) will be encouraged to start ignoring you. Therefore, users’ confidential information won’t be jeopardized in any way, but it will be your SEO which will take the shot. It seems that the only way to persuade people to raise the safety level is to strike them where it hurts most – on the profit side.

So, let’s wrap it up. What does the SSL certificate that Google so strongly recommends you to obtain actually mean?

Opening any website is done by establishing a communication with servers. Just like any other communication, this kind can also be intercepted by potential attackers (who may be human, but in most cases they are actually human-operated programs), who try to steal any valuable or confidential information either by eavesdropping or redirecting you to their own website that is identical as yours.

Now, if you have enabled the HTTPS (Hypertext Transfer Protocol Secure), instead of the traditional HTTP, this means the communication is being encrypted in a way that is decodable only by the computer that is sending the request and the server that’s receiving it. Anyone else would only get an unintelligible code that they can’t put to any use.

The process of obtaining the SSL certificate should be quite easy. You don’t have to enter the mishmash by yourself – the first thing you should do is contact your hosting provider. Some of them even offer SSL for free. Even if you have to pay additional fees (typically ranging from about $100 up to as much as $1.500 per year), just think about the potential damage you’re avoiding, which will soon be measured by decreasing numbers of visits because people got averted from your website.

So, if you care about your online business, the first thing you should have in mind is protecting it by raising its security.