We’ve all heard about website security, data protection, avoiding spam and phishing and protecting our (or our customers’) credit card details, but do you know the full extent of the part played by the SSL certificate in protecting ourselves, and our customers, online?
SSL stands for Secure Sockets Layer. An SSL certificate is a security protocol used between two systems to encrypt, and therefore secure, sensitive data.
Historically they were used just to protect payment gateways, protecting credit card details from being read or stolen on the web. Now, with the advent of GDPR and personal data protection awareness, they are commonplace and found on almost all major websites. But why?
If you own or manage a website the benefits of an SSL certificate are numerous and wide-ranging across various aspects of your business.
Even if your customers don’t really understand what the SSL Certificate is, or what it does, they know you should have one. Most internet browsers will highlight websites that don’t have one and offer a green bar or padlock when a website is fully secure.
Whether it’s your own sensitive information or that of the customers using your website, you need to know that that information will not fall into the wrong hands, something that could be catastrophic for both trust and your bottom line.
An SSL certificate is only issued after a verification process and is therefore highly important in web security. Phishing sites, fake versions of another website, have been increasingly present in our news feeds and an SSL certificate helps your website visitors be certain they are in the right place when handing over information.
In 2014 Google, by far the biggest search engine in the western world, introduced the use of SSL into its ranking factors. That means that your website will be indexed better if it is secure, regardless of whether you collect payments or personal information or not.
If you take online payments, then then your website MUST be PCI compliant. PCI compliance has 12 primary requirements, one of which is an SSL certificate. Therefore, you will have no choice in this instance to invest.
Many people think that the benefits of SSL are a great “bonus” but not really essential for their website. Their customers already know them, no-one would want to imitate them, they don’t take payments, or they’re not a likely target for criminal activity. But its absence could still have some big impacts on your business.
The tightening of data protection law (notably GDPR) came with the increase in the fines for companies not taking responsibility for the personal data in their possession. Even if you are only collecting names and email addresses, you must still comply.
If you are using cookies on your website, commonly found with technologies such as Google Analytics, you are still, legally speaking, handling or transferring personal information.
The GDPR sets a maximum fine of €20 million or 4% of annual global turnover – whichever is greater, for a data breach where the company is deemed not to have protected customer data. Food for thought when comparing this to the cost of an SSL Certificate.
When your customers are deciding whether to take the first steps towards engaging with a business, they will consider the whole picture. If your website has been flagged up in the browser as “Unsecure” and your competitors have the green padlock of a secure website, this will be points in their favour.
How much was that lead worth to you? Less than the cost of an SSL certificate?
With Google now rewarding websites with an SSL Certificate, that means by default, a penalisation of websites without. Search engine rankings apply to all websites – if someone types in your brand name, you want your website to come up first, but what if lots of authoritative sites appear higher than your main websites.
Not only will people have to work harder to find you, but you’ll look less credible in the big picture.
If SEO is part of your wider marketing or lead generation strategy, then you’ll know you’ll need every advantage you can get to even stand a chance to compete with the big players of your industry.
The process of obtaining and installing an SSL certificate is relatively straightforward. If you are installing it on a new website the process is a fast and painless part of the setup of hosting.
For installations on an existing domain, there may be a few technical changes to make on your website, but again these are very straightforward for a technical team to implement and shouldn’t be cost-prohibitive.
If you’re ready to embark on bringing your website in line with current security standards, simply ask one of our team members and we’ll be able to offer advice on exactly what you need, how to obtain the certificate and any changes that may be required for an existing domain.
In most cases, installation is virtually immediate, and you can start reaping the benefits of a secure and trustworthy website and brand.
Click here to find out more about the J&L IT Security Services.
Jarrett & Lam
Robert Denholm House