Securing your website with SSL / https (in brief)

SSL stands for “secure sockets layer” and is a form of website security which creates an encrypted connection between a user’s web browser and the web server hosting the site. 

Secure Sockets Layer (SSL) was the most widely deployed cryptographic protocol to provide security over internet communications before it was preceded by TLS (Transport Layer Security) in 1999. Despite the deprecation of the SSL protocol and the adoption of TLS in its place, most people still refer to this type of technology as ‘SSL’.

SSL provides a secure channel between two machines or devices operating over the internet or an internal network. One common example is when SSL is used to secure internet communication which turns a website’s address from HTTP to HTTPS, the ‘S’ standing for ‘secure’.

I recommend that all websites are protected by some form of SSL, even those which are not ecommerce, transactional or used for capturing visitor data because there are a number of other important benefits as detailed here;

Experience

Some browsers now display a warning if a site isn’t secure which can dramatically reduce the visitors experience using your site, and the warnings are due to become more visible and therefore alarming to your users.

(Source: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html)

Security

Implementing SSL secures data transmitted between server and browser during a users session interacting with your site. This is a key component in the realms of data protection and especially the new GDPR legislation surrounding protecting personal data.

Confidence

The green padlock which appears on a secured site can give customers peace of mind that your website can be trusted and their information is safe, this can lead to increased conversion and loyalty.

(Source: http://customerthink.com/proven-ways-to-increase-your-ecommerce-conversion-rate/ and https://gocardless.com/guides/posts/secure-payments/)

Search

Since 2014 SSL has become a search engine ranking factor, therefore can have a positive impact on your sites organic search position.

(Source: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html)

In summary, here are four valuable reasons why you should install an SSL certificate on your website. So what next?

There are several providers of SSL certificates and a number of different levels of protection. First the vendors which include;

  • Thawte (becoming increasingly well-known)
  • Symantec Norton (perhaps the best known vendor for online security)
  • Lets Encrypt (provide a free SSL to protect small sites)
  • Digicert
  • Geotrust

The other main consideration and influencing factors when choosing the right certificate include;

  • Basic, domain or extended validation – relates to the ease at which the SSL can be purchased
  • Level of insurance for an end user against loss of money when submitting a payment on an SSL-secured site
  • Single or multi-site SSL’s are available, useful if you have sub-domains to protect.

Notes

SSL has actually been superseded by TLS however the industry still primarily refers to SSL. In reality a secure certificate adds security to http traffic resulting in https as the communication method. The naming confusion is further explained here – https://www.entrustdatacard.com/blog/2011/may/is-it-ssl-tls-or-https

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

Source: https://www.linkedin.com/pulse/securing-your-website-ssl-https-brief-christian-scott/

Leave a Reply

Your email address will not be published. Required fields are marked *