As many of you have heard, Google has set new SSL certification requirements that compels all websites (yes, not just e-commerce sites!) that capture customer information via forms or login areas to have a secure SSL cert.
October 2017 has been set as deadline month for this new initiative, a specific date, in true Google style has not yet been defined. They have however publicised the benefits of the new certification.
In the past month, we’ve seen a huge increase in the number of people asking whether they should implement SSL on their sites to avoid the possibility (and eventual) off-putting ‘unsecure’ warning sign that will greet people as they land on their website.
The simple fact of the matter is, you cannot ignore this requirement from Google for a whole host of reasons, let alone the damage the ‘Warning Site Not Secure’ sign painted across your website will cause to your brand.
It’s no secret that Google has taken a strict stance to increase the privacy and protection of their search engine customers given a 2013 Pew survey that found 68% of internet users believed that current laws for protecting their rights are not good enough. This showed little change in a 2016 Open Xchange Consumer Openness Index study that suggests 64% of respondents believe that data privacy will impact related government policy around the world.
People care about their online privacy and Google SSL certification enforcement is most likely just going to be the tip of the iceberg with regard to future data protection requirements.
Let’s talk SSL certification and the benefits it will have on websites across the globe!
Before we get into the benefits of your website being secured by SSL certification, let’s look at SSL and what it actually means, in a non-technical environment and for those of us who are not IT geniuses.
What is SSL?
SSL (Secure Sockets Layer) is a security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private. The web server being the website you’re visiting and the browser being the search facility i.e. Google Chrome that you use to get there.
SSL is the foundation of a secure Internet. It protects sensitive information as it travels across the world wide web. It is essential for protecting websites, even if they don’t handle sensitive information like credit cards. An SSL cert provides privacy, security and data integrity for both the website and visitors personal information.
Why is SSL important?
SSL & Encryption
The primary reason SSL is used is to keep sensitive information sent across the Internet encrypted so only the intended recipient can understand it. Information we send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate.
A visitor to your website fills in a contact form with personal data such as DOB, email, address, credit card etc. This data cannot be understood by a hacker or identity thief that interrupts or views the data while in transfer.
SSL & Authentication
An SSL certificate also provides authentication. This means you can be sure that you are sending information to the right server and not to an imposter trying to steal your information.
Your SSL cert will make it much more difficult for online thieves to pretend they are a reputable company.
SSL & Trust
When you land on a company webpage there are many visual cues such as a lock icon in the URL area or a grey bar with green text ahead of the website URL that indicate the website is secured and safe to use. These cues give greater confidence to users and instils more trust in the company.
You will notice SSL certified websites have HTTPS instead of HTTP ahead of the website domain name, for example, HTTPS://www.yourcompany.com. The “s” at the end of the “HTTP” part of the URL means the website is secure. HTTPS (Hypertext Transport Protocol Security) protects against phishing attacks. Phishing emails are generally sent by cyber criminals and hackers who attempt to impersonate a company’s website. The email might include a link to the hacker’s own website or a use a man-in-the-middle attack (MITM). A MITM attack is an attack where a hacker alters or gets involved in communication between two parties who believe they are communicating directly with each other.
Such cyber criminals will find it very difficult to obtain an SSL cert making it much more challenging to impersonate other websites. This means users will be far less likely to fall for a phishing attack as they will be looking for trust indicators in the browser. Without an SSL cert there will be no lock icon or green text banner. In time, if it’s not already the case, there will be an unmissable ‘warning site not secure’ sign posted across websites without SSL certification.
With the security side of SSL certification covered, the benefits don’t seem to end there. Google has openly announced the search engine considers SSL certification as a ranking factor. This essentially means websites with an SSL cert will rank higher in the Google rankings than sites without. Proof?
Of course – Almost 65% of Google’s page one organic search results feature a HTTPS (SSL certified) site. Keep an eye here to see this figure grow daily with MOZCAST.
Google wants to ensure the best user experience on the search engine that is now widely considered as the INTERNET! Understandably they don’t want to send visitors to insecure sites. Because of that, their ranking algorithm favours HTTPS sites.
In our now everyday world of online shopping, online invoicing, membership logins, contact forms and daily hackers, having an SSL certificate for your site is more important than ever. As your customer’s information, sensitive or not, is passed throughout cyberspace, SSL Certificates provide a visual indicator that your website and more importantly your company is legitimate, secure and trustworthy.
Talk to IMS today about getting your website SSL certified.