Clients sometimes ask us about SSL and why they need it on their websites. Some already know that it stands for “secure socket layer” and that it is a security protocol that keeps private data away from the prying eyes of anonymous malcontents through encryption. Others only know that it’s important because their designated nerd told them about encryption and to be more serious about security. Still others know that SSL is not yet a requirement and choose to avoid the expense.
Regardless of which camp you inhabit, there are 3 primary reasons that you should get an SSL certificate for your website as soon as possible.
Privacy Builds Trust
If you already run an eCommerce website, you’re probably well-versed in security and know that the minute the little browser lock goes from locked to unlocked, you lose sales. And rightly so. Your customers are becoming more savvy about Internet security and if their browser doesn’t throw up a huge warning notice about the lack of security on your website, they’re likely to already be aware of warning signs and move on to a safer shopping environment.
But why would a regular website need to worry about visitor security? Well, you probably have some sort of contact form on your website… right? How about that user name and password you enter to login to your website? Each time data passes to or from your website, it likely gets transmitted down thousands of miles of cable. At any point on its journey, it could be seen and stored by any computer in its path because, without SSL that data travels in plain text that anyone with the right equipment and skills can read.
Enjoy an SEO Benefit
Google called for “HTTPS Everywhere” at its I/O Conference back in 2014. Since then, they’re calling SSL a “requirement” and an “imperative.” The direction Google is heading is clear… get your site secure, for everyone’s sake, or get left in the dust by the competition that has been paying attention. Since 2014, some of its search algorithm updates have included slight benefits for websites operating under SSL.
The latest push for SSL by Google, which rolled out in January 2017, is much more aggressive, but we’ll cover that next.
Avoid Being Tagged As “Not Secure” By Google
Google is making some major changes in the way it displays websites that don’t run under full-time SSL. As of January 2017, the Google Chrome browser (version 56 to be exact) began adding a “Not Secure” label on pages that have a password input or credit card inputs. But even older versions of Chrome show an information bubble next to non-SSL URLs that, when clicked, reads “Your connection to this site is not secure… you should not enter any sensitive information on this site because it could be stolen by attackers.” That’ s more than enough reason to go secure.
This label appears to the left of the URL in the browser’s location bar. They have been moving towards a more secure web since September 8, 2016 but the wait is over and the penalty phase has begun. Get an SSL certificate before you lose consumer confidence and potential sales.
Do I Already Have SSL?
Here is a simple test to determine if you already have an SSL Certificate for your website:
- Test for SSL: Try changing the address of your website from http:// to https:// — if you get an error, then you likely don’t have an SSL certificate installed. You’ll need to call up your developer or hosting company, purchase an SSL certificate and configure it for the domain linked to your hosting plan. If you’d rather leave this to the pros, just give us a shout and we’ll be happy to help. We can get your site setup on an SSL certificate for as little as $35 per year plus a little bit of time to configure it and force your website to run under it all the time.
- Do you see https:// in all pages of your website? If yes, then congratulations! It appears that your site is properly configured.
- Do you only see https:// on certain pages?: If your website only uses SSL on certain pages, like shopping cart pages or employment applications, than your website is running in Part-Time SSL. Proceed to the next step.
- Configure Full-Time SSL: If you’ve made it this far, then you have an SSL certificate but it’s not being used for all requests. You’ll need to have your web developer force the website to always run under https at the server level or install software or plugins that will force SSL for you.
Need Us To Check Your Website For You?
Schedule a free review of your website below. We’ll take a quick look and let you know what you should do to get your website operating under full-time SSL.