Do I really need to get an SSL certification for my site?

 

SSL stands for Secure Socket Layer protection and before we go into explaining exactly what that means, let’s first tell you what happens if you don’t have SSL on your hosting.

Around October 2016, Google announced that it wanted to make the internet a safe place.  They wanted to make sure website owners took responsibility for the security of the information entered into their websites.  This means that they wanted all website owners who were collecting form information or credit cards on their websites to get an SSL certificate.  If you didn’t then any time there was a form on your page that required the visitor to enter information Google Chrome would try to protect the visitor by telling them your site was “Not Secure”.

 

So with Google marking all sites that are not encrypted with HTTPS as “Not secure” this is simple motivation enough to get an SSL certificate and become “secure” and compliant.

SSL https search bar information

image credit: Google

STOP THE PRESSES. Is there a cost to this? Is that why I'm being told about this?

With respect to costs, there are free SSL certificates out there that you can get and install.  Your host might have some good options for you to consider but even once the SSL certificate is installed there are some configuration settings that need to be managed on your website to ensure your site is operating from SSL to get the full benefit of the SSL certificate.

The SSL Certificate we recommend is $99 tax in annually though you can get more robust ones if you wish that offer Extended Validation if you are looking to really promote the security of your site.

You can do all this yourself or we can help.  Generally speaking the set up of the SSL on your website will be 20 minutes to 2 hours depending on how many pages your website consists of and the CMS used to build it.  Some sites are easier than others to configure for SSL.

What Exactly Does SSL Do For Security of My Site?

First lets define SSL. SSL stands for Secure Socket Layer and is something called TLS (Transport Layer Security).   In short it means that all communication between the person on your site and the server hosting the site is encrypted.

Next, let’s look at how the information gets to and from the server to a computer or device that is accessing it.

 

Information Passing To and From a Website Without SSL

SSL

*** yes, the document is open and readable all the way through.

Information Passing To and From a Website With SSL

SSL

*** an SSL certificate won’t protect a user who has malware or a virus on their computer.  They need antivirus to protect them and they have clearly done the wrong thing leading up to this BUT the important thing is that YOU have done the right thing in protecting them as far as you can through the process.

October 20, 2017

Understanding SSL – Why it’s important for your site and your visitors