header-slide-1.jpg
user

Why A SSL Certificate For Your Website Is No Longer Optional

Posted on Monday, December 03, 2018 by Julia O'Reilly

Why A SSL Certificate For Your Website Is No Longer Optional

As you surely have seen on the news in the past year, website hacks and breaches like the Equifax hack in September 2017 and the Facebook hack in September 2018 are a constant. The creativity and reach of cybercriminals grows ever larger. Ugh.  But the good news is that for several years, organizations like Google have been working toward the making the web a safer place by encouraging website owners to use HTTPS protocol for secure transmission.

In July 2018, safety measures became even more rigorous. Google announced it would be marking all sites that have not adopted HTTPS as not secure. This means if your website doesn’t have an SSL certificate, it will display a ‘Not Secure’ in the URL bar. 

ssl not-secure message

If this doesn't scare visitors away from your site, it should. If your business has a website, it's your responsibility to secure your customers information.*  Be sure that ackers and spammers work continuously to steal your customers information or use your website as a launching point to place virus attacks. 

*"Such information can be login details, signups, addresses and payment or personal information. SSL certificates will encrypt the connection and help protect your visitors’ data from being misused by attackers."
_Forbes Magazine, Ivailo Nikolov, May 18, 2018

As the Internet changes, we advise our clients on how to adjust with it. Search engines like Google, Yahoo and Bing are are now requiring website domains to render (that is, display your website) using the secure connection of HTTPS in order to continue to be found within their search results. We can't stress enough the importance of a SSL certificate and pointing your website's pages to HTTPS. When you visit any website on the Internet, data is transferred between a server and your browser. We want all of this transferred data to be encrypted.

According to Kayce Basques, Technical Writer for Google:

"You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications. HTTPS provides critical security and data integrity both for your websites and for the people that entrust your websites with their personal information."and "One common misconception about HTTPS is that the only websites that need HTTPS are those that handle sensitive communications. Like taking credit cards. Every unprotected HTTP request can potentially reveal information about the behaviors and identities of your users. Although a single visit to one of your unprotected websites may seem benign, some intruders look at the aggregate browsing activities of your users to make inferences about their behaviors and intentions, and to de-anonymize their identities."

Make sure your tech works!

"...certain browser features require HTTPS to work. Features like getting a user’s location, accessing their microphone, or storing data locally on their device, all require that your website supports HTTPS."
_digicert, Vincent Lynch, January 8, 2018

So What Is HTTPS?

HTTPS or Hyper Text Transfer Protocol Secure is a secure version of HTTP (Hyper Text Transfer Protocol). All websites use HTTP to transfer data from a server to your browser. HTTPS encrypts the data on either end for maximum security. For example, if you provide personal information in a website form your information is encrypted on one end and decrypted on the other end.

How Do I Acquire HTTPS?

The first step is a SSL (Secure Socket Link) certificate. In order to create a completely secure connection, an SSL certificate for your domain must be purchased. This certificate is purchased from a Certificate Authority by the administrator of the server that hosts your website. The SSL certificate will contain a public encryption key that is downloaded by the browser.

Once the SSL certificate is installed on the web server where your website lives, the next step is to test every page for errors, assets not loading or broken links. This is a complicated process that should only be handled by a trained webmaster or web professional. Adding HTTPS to your website will change the page URLs of every webpage the search engines already have indexed in their results. If this transition is not managed properly, your website could suffer serious search ranking penalties or set backs. Successfully enabled HTTPS websites with SSL certificates are seen as more trustworthy for visitors.

Contact us to learn more about adding SSL to your website.

read more