If you’ve noticed a plethora of articles about SSL Certificates for the web, you might be wondering what they are and whether your site needs one.
In January 2017 Google began (with Chrome 56), to mark pages that collect sensitive information such as passwords as non-secure if the site does not have an SSL certificate.
This was the first part of a staged rollout to encourage all websites to get rid of plain old HTTP and to move towards ALL sites to using HTTPS in order to make a more secure internet.
So what does that mean for your website?
SSL certificates are an essential component of the data encryption process that make internet transactions secure.
The SSL layer has 2 main purposes:
Without an SSL Certificate applied to a domain, it is possible for hackers to intercept the information you enter into a web page.
The process works like this:
When a domain has an SSL Certificate a visual clue appears next to the address bar: a green padlock to clearly indicate the site is a secure place to enter personal information.
At present sites without an SSL certificate are not flagged up as insecure on any page that does not require you to enter personal details. However, the information icon next to the url, does warn visitors that the site is not secure if they click the link.
You might be thinking that your site doesn’t require anyone to log in with a password, and you don’t take credit cards details so you’ve no need to show your site is secure. However, if your site has a contact form then that page would be flagged as soon as a visitor starts to enter details.
In later versions of Chrome (after v56) the intention is to gradually mark all HTTP sites as non-secure and to change the HTTP security indicator to the red triangle that they presently use for broken HTTPS.
Moving forward, clearly it makes sense for all website owners to secure their sites with an SSL certificate since seeing such a message could undermine a visitor’s trust in your site, even if they don’t have to enter personal information.
Furthermore with the new General Data Protection Regulations (GDPR) coming into play from May 2018, having an SSL certificate should help you to comply with these regulations.
Give us a call on 01780 740893 to chat about how to go about applying a certificate to your website.
If an SSL Certificate is added to a domain incorrectly, it can cause great damage to your online reputation: your search rankings may drop significantly or non-secure sections of your site may be accessed by visitors. Best to call in the experts!