A Dummy's Guide to SSL Certificates
Give your clients peace of mind that their data is private.
In a post-GDPR world, trust is the diamond currency of the web. If there is the slightest sign that someone is taking a security risk by being on a website, or entering their personal details, they will almost certainly jump ship. Having a Secure Sockets Layer (SSL) certificate is a safeguard against such an eventuality, as it secures data and can prove to your users that they are safe as houses. There are different kinds of certificates though, offering different levels of security and benefits. So in an attempt to simplify it all, this is a dummy’s guide to SSL certificates.
What is it?
An SSL is a protocol that ensures a person’s data remains private while they use the internet. It does this by creating an encrypted link between a web server and the browser or app that a person is using. In simpler terms, it prevents rogues from intercepting your data and nicking it.
If you’re a website owner, an SSL certificate is used with what is called your public key to uniquely encrypt and decrypt data between you and the server. It helps to prove your organisations identity and establishes your website’s presence online as safe and secure.
Do I need an SSL certificate?
Once upon a time, you only needed an SSL certificate if you were using your website to take card payments or if you were asking for sensitive data. But now it’s expected of every website, even if it’s a single page telling you when the next village fete will be.
How can I check if a website has one?
Look at your browser’s address bar. You should see a padlock symbol and ‘https://’ preceding the site address. If the ‘s’ is missing off the end of the ‘http’ then the site does not have an SSL certificate and it is not secure.
Why is it important?
Many, many reasons…
- SSL protects your own data. You don’t want to put that in the firing line!
- SSL proves your identity and that of your organisation. So can cruise through passport control without missing a beat.
- Improve your search engine ranking. Search engines will lower your website’s ranking if you don’t have one.
- Provide trust to your users. There’s no point putting the people who want to use your website at risk. They’re worth looking after, and they’ll thank you for it with their custom.
- No red flags. Google Chrome and other security filters will warn users your website is not secure if it lacks a certificate. Far better to keep giving people the green light.
What kind do I need?
To obtain a certificate you need to be approved by a Certificate Authority such as Symantec, Comodo or GeoTrust. Depending on the type of certificate you choose, users on your site will either receive a basic layer of protection or be provided with extra trust indicators and insurances. Do you want the vault, the security guards, the automated alarm or all three? It’s an oversimplification perhaps, but the details are difficult to untangle. Get in touch with us and we can help you identify the best level of checking, approval and insurance for you. If you’re interested, we can also handle the process of obtaining the certificate for you.
4 months ago | Education
10 months ago | 5min read | Education
Part of the joy of our work is seeing the visible difference new technology can make. Recently, we helped energize.uk.net harness the power of a new advanced searching tool called Algolia. We were pretty excited by the results.Read more
11 months ago | 5min read | Education
Even the most impenetrable servers can’t save you if security is compromised elsewhere. The good news is, there are some simple ways to protect yourself and keep even the most seasoned hackers out of your life.Read more