What You Need to Know Today About SSL
Imagine if you woke up this morning to find that your website is no longer on page one of Google. Even worse you check your PayPal account and not a single sale has come in all night.
Your heart starts to race. Trickles of sweat are appearing on your forehead. You’re having difficulty breathing.
The only thing you can think of is that your site must have been hacked.
You go to your website and everything seems to be o.k. Your site has not been hijacked, or defaced in any way, there are no weird ransom messages or re-directs.
So what’s going on?
Then you see it…there it is. You look up at the address bar and see a red triangle and beside it the words ‘Not Secure‘.
You click on it and find this message:
Your connection is not private.
Attackers might be trying to steal your information from www.yoursite.com (for example passwords, messages, credit cards).
What’s happened is that Google has decided to display a warning message on all sites that are not secured with an SSL certificate.
These types of security protocols were only really seen with eCommerce sites, until late of 2017. In October of last year, Google Chrome started to display the ‘Not Secure’ warning on all websites without valid security.
In an effort to not only protect the site visitor, Google is encouraging all website owners to protect their businesses. You can even potentially benefit from a boost in search rankings.
SSL Certificates: The Basics
Let’s start by taking a look at what an SSL certificate actually is and why you need one.
First off, SSL is an acronym for ‘Secure Sockets Layer‘.
Essentially, it is a layer of security that is added to your website that encrypts the connection between a server and a web browser.
Why is this important to you?
SSL allows your website and your visitor’s browser to transmit private, sensitive information without the worry of eavesdropping, web forgery, and data tampering.1
This means that you can safely sell products knowing that your customer’s financial data is secure.
But it’s actually much more than that.
An SSL protects your business, it builds trust and essentially lets your users know that they can feel safe giving you their email address, signing up to a membership area, or any other data exchange that might happen between you and a user.
Netscape actually adopted this encryption protocol way back in 1994 as a response to the growing concern over Internet security. Their goal was to create an encrypted data path between a client and a server with the objective of making the Internet more secure and therefore allowing the transmission of private data and documents.2
Almost every website today encourages users to give some type of personal information. This can be in the form of asking for an email address to sign up for a newsletter, credit card details to make a purchase, etc. Therefore, it is extremely important that you understand the implications of data security. Essentially, as an ethical business owner it becomes your responsibility to keep your visitors safe and therefore you need to get an SSL certificate.
How Does an SSL Protocol Work (the techie stuff)
What’s really happening is that the secure sockets layer, essentially in the form of a digital certificate, is authenticating the identity of your website and encrypting transmissions. It uses a unique cryptographic key to pull together your domain name, company name, location, etc.
What is a digital certificate?
Every site that uses an SSL (secure sockets layer) needs to register for a digital certificate. It’s the digital certificate that actually adds the security layer that allows your website to transfer data privately.
It does this by using a public key infrastructure or most commonly known as simply PKI. Essentially, you get a public key certificate that is then added to your website’s control panel.
Don’t get confused if you hear someone referring to a digital certificate as a public key certificate. Essentially, the two terms are used interchangeably and mean exactly the same thing.
How does it encrypt your data?
Now that we’ve learned what a digital certificate is let’s go a step further.
So the secure socket layers keep your data encrypted by using a system that is cryptographic. Essentially, this is the science of coding and decoding messages so as to keep these messages secure. Coding, or rather encryption, takes place using a key that ideally is known only by the sender and intended recipient of the message.3
When it comes to website security we need two such keys for this to work. The first key is public and the second key, which belongs to the user receiving the data, is private. Just think about the importance of login details needing to be private.
How do I know if a site has an SSL certificate?
There are visible indicators in the address bar of your browser.
Websites with an SSL certificate will start with “HTTPS” as opposed to “HTTP”. The added layer of security is represented by the “S”.
The acronym “HTTPS” stands for “Hyper Text Transfer Protocol Secure” which means that the connection between your website and your visitor’s browser is secure. Data can, therefore, be transferred safely.
Google’s Effort to Protect Website Visitors
Google’s recent change to display warning messages on websites that are not secure should make every website owner pay attention.
Just think about it…who would want to give their personal information to a website with a bold red warning message. This will directly hurt your business and most importantly your credibility. Plus, there is a risk of losing rankings which will directly impact traffic to your website.
Until recently this change was limited to Chrome, however, all other major browsers have started to do the same. The warning messages are slightly different, but still very visible to the user with the negative implications being identical.
Rising Consumer Expectations
Every single day more and more innocent people become victims of cyber-related crimes. We are inundated with heart-wrenching stories in the news about identity and financial theft.
While these stories are hard to hear what they have done is awoken consumers. Today consumers are more aware than ever. They demand more. They expect more. And you need to give more if you want them to continue doing business with you.
Google is helping to educate consumers on website safety and security. As your visitors become more aware of site security with SSL encryption they will definitely begin verifying your website authenticity and credibility before making a purchase or giving their personal information to you.
And rest assured, if you have a security warning message staring at them in the face they will click away…quickly.
Let me ask you this…
How important is it for your visitors to feel safe when they land on your website?
If you care at all about their safety please do not think about it for a minute. Secure your website today with an SSL certificate.
What This Means for WordPress Site Owners
While all websites should consider getting an SSL certificate, this is especially important for WordPress websites.
WordPress is the most used platform for creating both personal and business websites. It is probably the easiest content management system available, but as well one that is known for vulnerabilities and hacks.
But let me clarify here…
It is not the WordPress platform itself that is prone to vulnerabilities, but rather the themes and plugins that are being used. These can potentially create back-doors and loopholes for hackers, malware, and so on.
Just consider the simple fact that “ALL” WordPress sites have a login page. This page needs to be accessed in order to gain entry into the site to write blog posts, update products in your store, etc. Not to mention user access to view purchased products or accessing a private members area. For this reason, every WordPress site should have an SSL certificate to meet the ‘Secured Connection’ criteria.
Recapping the Benefits:
- Protecting your business and site visitors
- Building trust and credibility
- Increasing website security
- Boost in search rankings
- Increasing sales and conversion
How do I get an SSL certificate?
Now that you understand the importance of having an SSL certificate, I’m sure you are wondering how you go about getting one.
An SSL certificate is a subscription based product that is renewed annually. Each year you need to apply for your digital certificate and have the related code added to your website’s control panel.
You have the option of installing it yourself or having an agency such as ezWPseo take care of everything for you.
Want to learn more about SSL? Still not sure if you need one?
Well, we’ve got you covered. We have prepared a special video course that provides everything you need to know about SSL. You will learn the exact steps you need to take to mitigate risk, protect your customers and protect your business.
Sign up now and get instant access.
- What is SSL? | SSL Information and FAQ from Comodo, What is SSL (Secure Sockets Layer)?
- History of SSL Certificate | When was SSL Certificate Introduced, History of SSL Certificate
- Define cryptographic | define cryptographic – Google Search
Image already added