By John Eberhard
An SSL Certificate (stands for Secure Socket Layer) is the security technology for establishing an encrypted link between a web server and your browser. This link ensures that all data that is passed between the web server and browsers remains private.
This is vital in protecting any information that people send to you via your site, such as when they fill out a form on your site, or when they buy something from your site if it is set up as an e-commerce site.
An SSL certificate changes the beginning of your website address from http: to https:.
It has been Google’s intention for the last couple years, that all sites move from http: to https:, so that any information flowing across the web is more secure.
Google Chrome and Firefox now display a little white circle with an exclamation point in it, to the left of the web address in the top address bar, for any site with an http: prefix. If you click on that white circle on Firefox, a dropdown window appears saying “Connection is Not Secure” in red. On Chrome it says “Your connection to this site is not secure” in black. Internet Explorer does not have any indication that the site is not secure.
So that’s not TOO intrusive yet, right? You have to click on the little white circle to see the message about the site being unsecure.
If sites have an SSL certificate, on the latest Chrome version, it shows a green lock icon next to the web address bar, and has the word “Secure” in green. On Firefox, it shows a green lock icon.
Discussion online indicates that Google is going to increase the intrusiveness of their “Not Secure” messages, until everyone gets an SSL certificate for their website.
Serverguy.com says that soon Chrome will start showing a “Not Secure” message, in red, right in the address bar.
I have not been able to confirm this exactly, but it is clear Google will continue pushing with more direct and intrusive warnings for sites that are not secure.
Here’s what Serverguy.com says about why your site needs an SSL cert now:
“1. Encrypts Sensitive Information
“The information you send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to.
“2. Protects You From Cybercriminals
“They are clever!
“According to Cybersecurity Ventures, cybersecurity damages will cost the world over $6 trillion annually by 2021.
“It is impossible to escape the rising tide of cybercrime if your website doesn’t have an SSL certificate. They will identify weakness(es) in your network…mostly, when information is transmitted. Recently, the black eye masked people have been refining malicious strains that are specifically designed to capture data while moving between destinations. (Told you, these people are clever!)”
Just Do It
That tells us that if you have any text information being relayed to you via forms on your website, such as credit card info, user names and passwords, or any other information, it is vital that you get an SSL certificate now. ESPECIALLY for e-commerce sites, this is something you have to do now. If you don’t, pretty soon you will start to see online sales decline because people will be reluctant to give you their information if they are being told by Google Chrome or other browsers that your site is unsecure.
So what’s involved? Well you have to buy an SSL cert from your hosting company (cost between $40 and $100). It’s best not to buy it from some other company other than your hosting company because that grossly complicates the process.
Then once that cert goes live, there are several technical issues that have to be taken care of, such as links to pictures, and redirects from your old pages to the new ones (because your pages now have a NEW web address). The redirect issue is particularly important if you have done search engine optimization and have a lot of links to your site and are getting a lot of organic traffic. If you don’t do redirects you could lose all your links and all the SEO value you have built up. It is not just a matter of throwing a switch.