Non Secure Website

Picture this: You've registered the perfect domain name for your website. Your product list is coming together and your website looks great. Then, bam. A new contact from the local chamber of commerce wants to hire your company to provide breakfast finger foods. He also wants to know if your small business website will be secured with an SSL Certificate to make the payment. You are stuck asking yourself, what is an SSL Certificate? And does my website need one?

These days, we do most of our stuff online. We pay our bills online, we bank online, meet our friends online, shop online, etc. It is easier, faster and more practical. It's also more interactive and real-time. But did you know that there is a certain credential behind this secure technology? It's called the SSL Certificate.

(Courtesy of 1&1 Internet, Inc)

 

What is an SSL Certificate?

SSL (Secure Socket Layer) Certificate is a standard security technology for establishing an encrypted link between a server and a client—typically a website and a browser, or a mail server and a mail client. SSL Certificates allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information. Starting mid-2014, Google announced that having an SSL Certificate installed on your website will increase your ranking position, which is another great reason to use an SSL Certificate.


Why Do I Need an SSL Certificate?

Data transferred in plain-text form or in non-encrypted format can be intercepted, eavesdropped, compromised and stolen. Transactions performed online may involve submitting personal information such as credit card information, social security numbers, usernames and passwords. Cyber criminals who intercept unencrypted communications will gain full access to this data and can use it for fraudulent purchases and activities. Trust and security are what make people confident enough to provide private, sensitive information online. SSL certificates are what make a website trusted. Organizations must use an SSL certificate to secure their site if they wish to take online payments or expect their visitors to submit confidential information. Apart from building essential trust and security into your website, SSL certificates also help with SEO efforts now that Google is providing a ranking boost for pages that are served over https. One of the most important components of online business is creating a trusted environment where potential customers feel confident in making purchases. Browsers give visual cues, such as a lock icon or a green bar, to help visitors know when their connection is secured.


(Courtesy of 1&1 Internet, Inc)

I'm not sure if I have an SSL certificate installed, how do I check?

This SSL Checker via SSL Shopper will help you diagnose problems with your SSL certificate installation. You can verify the SSL certificate on your web server to make sure it is correctly installed, valid, trusted and doesn't give any errors to any of your users. To use the SSL Checker, simply enter your server's hostname (must be public) in the box below and click the Check SSL button.In almost all cases, if you want to quickly identify if you are using a secure website, there would be a lock icon next to the domain. Also, the domain would start off as https:// vs http://.

 

Do I really need an SSL certificate for my website?

Before quickly dismissing your site as too small to be a target, keep in mind that most interceptions are done electronically without a human deciding who is attacked. A web creepy crawly doesn't care how big you are or what you do for a living. They have one goal, and that is to find vulnerabilities. Once discovered, its dirty work begins. No site is too small to get hacked.

If you sell products? Probably. If you’re taking credit card payments directly on your website, you definitely need SSL in place to encrypt your customers’ credit card information. However, that doesn’t necessarily mean you need it on your entire site; you might decide to use SSL only on store or checkout pages, for instance. If you use PayPal exclusively to accept payments, you don’t need SSL since customers aren’t paying you directly.

If you offer memberships? Maybe. If you run a membership site, free or paid, SSL might be a good idea. After all, your members are giving you their email addresses, names, and passwords, all of which they likely use on other sites. Do you really want to risk being responsible for a security breach that results in your members’ information being spread across the whole internet?

If your visitors submit sensitive information via forms? Maybe. If your site’s visitors are submitting any personal information, documents, photos, etc. via forms on the site, you might consider SSL to keep that information safe. I won’t even talk about HIPAA compliance as that’s a whole separate issue, but you might be surprised how much information you collect about your visitors even if you don’t sell products or offer.

Which company should I go with?

The thing with SSL certificate providers is that it is usually a matter of who's popular. For example, if you have a customer who does not know what Verisign or Comodo is then chances are he would not care about this. However, to a cautious customer, having his pages authenticated and verified by these companies will go a long way in assuring him that his site is safe.

Who are the best SSL certificate providers? This depends on your needs, the features that you want, how popular and trusted these providers are, as well as the prices for the things that you need. Be sure that you are getting real security by choosing a SSL certificate provider that really works hard to protect and secure the sites under their care.

Here are the best providers I would advise to consider:
Certificate Authority Price Rating

Comodo SSL

$76.95/year 5 Star Rating5 Star Rating5 Star Rating5 Star Rating
Digicert
$139.00/year 5 Star Rating5 Star Rating5 Star RatingStar Icon
Entrust
$136.00 / year 5 Star Rating5 Star Rating5 Star RatingStar Icon
GeoTrust
$149.00 / year 5 Star Rating5 Star Rating5 Star RatingStar Icon
GlobalSign
$249.00 / year 5 Star Rating5 Star Rating5 Star RatingStar IconStar Icon
GoDaddy
$69.99 / year 5 Star Rating5 Star Rating5 Star RatingStar IconStar Icon
Symantec
$399.00 / year 5 Star Rating5 Star Rating5 Star RatingStar IconStar Icon
Thawte
$149.00 / year 5 Star Rating5 Star Rating5 Star RatingStar IconStar Icon


In a nutshell, Secure Sockets Layer Certificate is used to secure the data transmitted over the internet between your computer and the destination servers. This could be the password you used to log into Facebook or your credit card information when you are purchasing something online, basically any important information you wouldn’t want others to know.

Cyber security poses a major challenge to online business, as hackers are becoming more numerous and daring in compromising websites, particularly commercial sites where sensitive financial information is exchanged. A breach can create huge liability costs and shake customer confidence in a business. That’s why all ecommerce sites and any company that processes information should use secure sockets layer (SSL) protection.

Although there isn't a way to completely eliminate the possibility for identity theft in today's world, WJ Enterprises is providing an SSL Certificate for an extra layer of protection to all new web design projects for no additional charge for the first year!

Founder & CEO of WJ Enterprises

One thought on “How Secure Is My Website?

Leave a Comment