You might have seen the https or a lock symbol in front of URLs for some sites. This sign or symbol that denotes if a site is secure or not is called SSL. SSL stands for Secure Sockets Layer. It’s an encrypted link is created between the web server and the browser that is being used by the user. This encrypted link ensures that all data provided by the user in their browser securely reaches the server. This is a fancy way of saying the information that you send to the website you are using (such as your bank) is not readable by anyone else that might be sitting between your bank, and your connection (such as your ISP, or another person if you’re using a public hotspot).
SSL also provides you with an assurance that the website you are intending to reach is indeed the one you did reach. For example, if an attacker made a website that looked just like your banks website you might be tricked into entering sensitive details into their website, this could mean your bank card is compromised. SSL provides a way for a trusted third party to vouch for the website you are visiting saying that they are yourbank.com for example.
While SSL was primarily used by banks, and shopping websites to protect your sensitive information in the past, people became more security conscious, and wanted to protect themselves online. Today SSL is seen as a basic requirement for any website that you visit. In this article we will discuss three major reasons why everyone needs SSL, and how it can be implemented.
So wait, What’s an SSL Certificate?
So remember earlier, we mentioned that a trusted third party vouches for the website? An SSL certificate is what makes this possible. An SSL certificate serves two important purposes.
First an SSL certificate identifies who the website belongs to. That means, if a website says they are Google.com but presents a certificate that says example.com your browser will notify you that you’re not where you intended to be.
The second purpose of an SSL is to provide the browser with the key required to encrypt your data. This key is known as the “Public Key” and is used by the browser when it wants to send data to the website you are visiting. On the website, there is a key known as the “Private key” which can decode messages encrypted using the public key.
in-fact your browser has it’s own private and public key which is uses to receive messages from the websites you visit too. This is how you can communicate with a website without people seeing what you’re doing.
Secure Transfer of Data
When you communicate with a website, it’s often critical that the information you are sending can’t be read by a third party. This information could include something as simple as a contact form, or your password; But it could also be something as important as your credit card details, or sensitive information about you. This is where SSL comes into play. Whenever you send data over a website using SSL your browser first encrypts that data using a key that only that website can unlock. This way you can be assured that only the intended recipient can see what you sent.
SSL has become so important, that if a website doesn’t have and SSL certificate, browsers like Google’s Chrome, or Microsoft’s Edge will start showing a warning message saying the website is not secure. This erodes customer confidence, and may make people leave your website all together.
Google, recognizing the importance of privacy started promoting websites that were SSL enabled. This meant that having SSL may put you ahead of competition that didn’t However as time went on and SSL became easier, and cheaper to implement Google took it a step further and started demoting, and even removing sites that didn’t have SSL meaning your website may not appear at all.
Even more critical, if your website takes sensative information, such as a credit card without using SSL your website could be flagged as being a security risk and black listed in both Google search, and browsers. This could prevent your website from being listed at all even after you resolve this issue.
Earn Your User’s Trust
Google, recognizing the importance of privacy, started promoting websites that were SSL enabled. This meant that having SSL may put you ahead of competition that didn’t. However as time went on and SSL became easier, and cheaper to implement Google took it a step further and started demoting, and even removing sites that didn’t have SSL meaning your website may not appear at all.
Legislation in some countries, such as the GDPR requires companies take reasonable steps to protect their customers data, this includes while that data is in transport between your customer and your website which is what SSL is designed to do.
Is your website protected?
Think Forward Media believes that SSL is essential to any website, and when you host your website with us, you can rest assured that your website will present a proper certificate to your customers using industry standard encryption.
Contact Us today for a free security audit including whether you have a proper SSL Certificate, and if it’s protecting your customers.