Before reading this article, open a web browser and go to your website (or your favorite site of the day) and look carefully at the URL. Maybe you haven’t taken the time to look at the first few letters in a while. You may need to actually click on the URL to see the first few letters but you should see it starts with either HTTP or HTTPS. Just to the left of these letters, you will next notice either a small icon that looks like a lock or the words “Not Secure.” Have you carefully considered what these mean? If not, it is now more important than ever to make sure your website is properly set up for success from the very start. This all begins with what is called an SSL.
If the website you are looking at begins with HTTPS, then it has an SSL certificate properly installed.
The term SSL has become increasingly common ever since Google started emphasizing security. At first, this was merely a recommendation. But obviously online security has become an important topic around the world as eCommerce and privacy concerns grew during the last decade. Once Google officially started making the SSL a ranking signal that affects SEO, nearly every website owner in the world rushed to secure his or her online presence.
The phrase SSL is short for Secure Sockets Layer. This tool provides a secure method for transferring sensitive information on the internet. Websites with an SSL certificate are considered to be generally safer because they keep data secure and encrypted. It is important to note, it is nearly impossible for any website to guarantee 100% privacy and security for its users. For example, even some of the largest companies in the world, like Facebook and some major credit card providers, report data breaches from time to time. But, sites with an SSL claim the data shared tends to be safer and more protected than sites that do not show this lock icon.
Technical details of an SSL certificate
If you’re like the average website owner, you probably have some understanding of what an SSL is used for. But do you understand the details? Let’s dive into more details on how the SSL certificate protects against online theft.
The SSL certificate provides something called public-key encryption. This is often referred to as asymmetric. Asymmetric encryption is helpful because each party participating in a transaction (typically the website and the viewer or customer) must generate both a public and private key pair. This is an extra step that websites without an SSL do not incorporate.
To visualize this process, imagine a large metal gate. No matter how big and strong that gate is, it still swings open easily. Now, picture a padlock like the gray icon that appears on websites with an SSL – except this one is in the real world. Put that padlock on the gate and it is now possible to inspect the lock and try to open or close it with a key. But obviously, like most locks, only the correct key will work to unlock the gate when closed properly. The padlock on websites with an SSL provides a public key that is visible to anyone in the general public. But private keys are used on sites with an SSL certificate to make sure the gate stays closed for certain information to remain protected.
It is commonly known that hackers, bots, and scam artists are everywhere online. They are constantly searching for unsecured websites where forms might be used to collect data. If you’ve ever filled out a form on one of these websites without and SSL your information could (theoretically) be intercepted by unknown third-parties.
Believe it or not, there are very sophisticated listening programs that can be placed on unsecured websites. The programs might stay dormant until someone begins filling out a form. Then, the listening program wakes up to grab the data. But websites with SSL certificates help protect against these types of attacks by binding with web servers. This instant connection requires no manual work on your part once the SSL is properly installed. The best news is that once the SSL is installed, no one is supposed to be able to see or access any shared information.
Will an SSL help me even if I don’t sell anything or collect information?
Regardless of whether you are collecting information, selling products, or simply providing free open information online, there are many reasons why an SSL certificate is important. Just a few years ago, it might have been ok for a website to not have an SSL. However, if your website does not currently have the letters https before the URL you should very seriously consider asking about how to add an SSL certificate immediately.
1. SSL certificates are free
If you were worried about not having the money to pay for an SSL certificate, then it is important to understand it is possible to begin this process without spending dollars. There are services available that provide free SSL certificates. But beware of the downside associated with a free SSL. First, free certificates are not going to provide the ideal type of security if you are collecting information from website visitors. This is especially true if you are collecting payments online. Second, you will find it very difficult to receive technical support from companies offering free SSL certificates. The old saying ‘You get what you pay for,’ is especially true in this scenario. Third, and most importantly, it can be very inconvenient to keep a free SSL certificate up to date. Depending on the website company you end up working with, you may only have to renew an SSL certificate that you pay for once a year, every other year, or perhaps never if they take care of it for you. However, free SSL certificates might need to be renewed every 90 days.
For these reasons, we highly recommend you do not rely on a free SSL certificate. However, some website companies might include the cost of an SSL certificate for your website within the price of another service, such as your initial website build, hosting cost, or marketing retainer. Make sure to read the fine print carefully before moving forward with such terms.
2. Online payments are protected by an SSL
Are you using or building a website that will accept online transactions? If so, we can not emphasize enough that your site must include an SSL certificate. Any reputable business will want to tell customers their information is safe. If this is not the case, you might be opening up your customers to major problems down the road. Or worse, if your customers find out their information was stolen or could be stolen during a purchase, they might be angry and even threaten legal action. Be proactive before this happens! Add an SSL certificate today to keep usernames, credit card information, and passwords from being hacked.
3. The SSL will improve SEO
As mentioned above, Google changed its algorithm in 2014 in order to encourage websites to become more secure. This update began rewarding websites with an SSL by ranking them above sites without this certificate. Essentially, if your website does not have an SSL, Google will basically penalize your content by ranking you lower than others. Don’t believe us? Conduct a couple of searches for terms related to your industry on Google. Then start clicking down the list to see how many links appear before the first domain that does not include an https. (Hint: You might be searching for a very long time, or forever, to find a search result that does not include an SSL certificate.)
4. Gain consumer trust with an SSL certificate
Due to all the issues discussed here, consumers now inherently or overtly trust websites with an SSL over websites that do not display the secure icon. Even though Google was the big driving force behind the importance of SSL certificates, most other search engines like Bing and Yahoo! now also prefer them as well. It is becoming increasingly common for web browsers to even warn people if they are about to visit a site that is not secure. This warning can significantly impact the trust others have in you, your business, your sales process, and the quality of your overall product or message.
Even if you have never considered an SSL certificate in the past, today it is easier and more important than ever to add this to your online plan. This simple change might have a dramatic impact on the number of visitors and sales on your website. Reach out to us if you have any questions or need help getting the SSL certificate set up right away.
Nick is the owner of Shark Jockey Digital and 20 year veteran in the marketing industry. He currently helps clients with development projects, lead generation, website creation, SEO, SEM, PPC, social media marketing, Google reviews, online listing, and campaign management.