Chances are if you have a website, or you’ve been looking to create one, you’ve run into increasingly-used terms like “encryption” and “SSL”. You may have written it off as some security thing that’s really only important for larger websites - your simple business site has no use for that. Once upon a time that may have been true, but now all that is changing.
In 2017 the number of internet users rose to over 50% of the world’s population. With that number, the importance of security for all of this data grows in tandem. To that end, many organizations are trying to make SSL certificates the norm throughout the internet, including the biggest player: Google. On February 8, Google announced, through its security blog, that beginning in July of 2018, Chrome version 68 will display all HTTP websites (those without a security certificate) as “not secure”. That doesn’t mean people won’t be able to visit your website with Google Chrome, but they will first be greeted with the dreaded “Your Connection Is Not Private” screen, which can quickly turn users away from your website.
So what does this certificate do? And how do you get one for your website? Well, let’s break it down:
Have you ever thought about how data goes from your computer to a website? That website is housed in a server that might be anywhere in the world. There’s obviously no single wire directly connecting your computer to that server (can you imagine all of the wires?!). Your data has to jump through a number of devices before it lands at its intended target. And if you’re wondering if those devices can see whatever information they are passing along for you - you bet they can. So can any hacker that might have placed himself somewhere along the path. This is where encryption comes into play.
SSL certificates make sure that only your website and your users can see the information that they are passing to each other. To anyone in between it just appears to be gibberish which means no one in the middle can see sensitive information like credit card numbers or passwords.
SSL certificates verify to a user that you are who you say you are. Have you seen that little green lock icon in the address bar for some websites? That’s there because your browser has confirmed that the website your are viewing is in fact who they say they are, and they have a certificate to prove it. Try clicking on that icon - you can view the details of the certificate and verify for yourself.
People trust that little green lock icon. It tells them they can trust this website to handle their data appropriately. They also play a key role in PCI compliance which is a set of standards that must be met for companies that store sensitive financial data like credit card or bank account numbers.
You can easily obtain certificates through many of the same providers through which you purchase domain names like GoDaddy.com. However, part of this recent push to secure the web has made access to SSL certificates much easier. New services such as Let’s Encrypt provide basic certificates for free.
There are also different types of SSLs. The most common is a single domain SSL which is used for a single website like “www.example.com”. There are also wildcard certificates which are used to cover any number of subdomains with a single certificate, such as “mail.example.com” and “portal.example.com”. Lastly, there are multiple domain certificates which can cover many websites with a single certificate.
It is important to note that SSL certificates will also require having a dedicated IP address for your website. Installing an SSL certificate is generally something left to an experienced IT professional, though it can be different based on your hosting provider. However, they will likely either have resources to walk you through the installation process, or they may simply have a support team member that will install it for you.
As you can see, there are many benefits to getting an SSL certificate for your website, along with the fact that it seems like they will soon be all but mandatory to make your website appear trustworthy. If you have questions or need assistance in obtaining or installing your new SSLs, you are welcome to contact us at eLink Design, and we can help get your site updated and secured.
eLink Design is a national web design, application development, SEO, and business consulting firm, founded in 2001 that specializes in custom solutions for over 800 clients around the country. With this blog, we hope to provide insights into what we are working on, areas where we think we can help shed light on problems we hear, and sometimes just cool things we have come across.