As part of the recent drive towards GDPR compliance, you may have been given advice on how to make your website and associated processes more secure. One of the key pieces of advice we give to our web design clients is to install an SSL Certificate on their domains.
Terms Used In This Article
SSL (which has actually been renamed TLS) is a method of providing privacy and data integrity between communicating computer applications.
SSL Certificates are tiny data files which can be installed on a web server and will enable you to use SSL.
HTTP is how website traffic and information is transferred (eg loading a page, sending form details, etc).
HTTPS is enabled when you encrypt your website traffic by using SSL.
Key is an algorithm used to encrypt and decrypt data.
Encryption/decryption is the scrambling/unscrambling of data.
What does an SSL Certificate do?
Installing an SSL certificate on your web server will secure the transfer of data between your website and its visitors. The default behaviour of any website is insecure – anyone can intercept and read the information you send online. With an SSL certificate installed, the data being transferred is encrypted up until the point it reaches its intended recipient.
SSL Certificates also assure the visitors to your website that it’s genuinely your company they are dealing with, and this assurance can help to drive conversions from your website.
Because having an SSL certificate is such an important consideration in website design, web browsers have historically promoted websites by featuring a positive message informing visitors that they are secure. Google also uses SSL as a major factor in their search engine rankings – meaning your search ranking can be improved simply by installing an SSL Certificate on your domain.
But times are changing, as are people’s attitudes towards privacy. According to the EFF, over half of the entire web is now protected by HTTPS, and browsers such as Chrome and Firefox are beginning to shift towards recognising secure websites as the standard that must be adhered to.
Instead of promoting HTTPS websites as being secure, browsers will instead promote regular HTTP websites as insecure. This may seem like a minor change of semantics but the difference to user experience will be huge. Currently users see a green padlock alongside the word secure for SSL Certified sites – by the end of 2018 non-secure sites will instead be flagged. Seeing the words ‘Not Secure’ will certainly raise concerns for most customers.
This shift in behaviour means that having an SSL certificate installed on your web server can be viewed more as an essential requirement than an optional upgrade. As such, in February 2018 we made free SSL certificates standard across all of our hosting packages – contact us today if you’d like to talk about securing your customer’s data whilst improving your search rankings.