What is an SSL certificate ? And what the heck does HTTPS do?

https image

Google takes web security standards very seriously and are looking to make the Internet a “safe place”. Accordingly, they offered a slight boost in ranking for SSL and HTTPS secured websites. However, things are soon going to change as of 2017, Google announced that their search engine algorithm will begin penalizing sites without SSL certificates. Take a look at the address bar above and you can see mine.

SSL is an acronym for Secure Sockets Layer – a standardized protocol that enables private and confidential sessions between two applications exchanging data over a TCP/IP connection. To put it simple, it’s a small data file that once installed onto your server, allows sensitive data such as credit card information, social security numbers and login credentials to be exchanged safely.

When an SSL certificate is deployed it activates the HTTPS protocol on your website. When a site is secured and certified a green padlock and HTTPS will appear just left from the address bar in browsers (just like the post image above).

 

Why do I need an SSL Certificate?

In recent years, privacy and security became the most critical issues in the world of online business. If your customers don’t feel safe there’s no customer trust, and without customer trust a web based business just won’t do well. It’s even safe to say that the lack of security and privacy standards will most likely ruin an online endeavor. When your website is handling personal data, whether it’s through simple login forms, handling transactions or credit card data, security should be a top priority.

It’s in this context that SSL Certificates join the game. Data transmitted between browsers and web servers is sent in form of plain text which makes it pretty vulnerable to eavesdropping. A hacker will easily grab and misuse intercepted information. With an SSL in place, a hacker will be unable to intercept that data. Also, statistically speaking, 70% of online shoppers cancel online orders if they don’t trust or feel comfortable executing the transaction.

The main benefits of using SSLs:

  1. Security – This one is quite self-explanatory. Hackers won’t be able to capture data exchanged through your site. SSL blocks interception or “man-in-the-middle attacks”. Even if you don’t handle sensitive data, an SSL certificate for your website is always a good idea.
  2. Trust – Reasons for getting an SSL go a bit beyond simple security. It shows your visitors and customers that you are ready to go the extra mile to make sure they get the best possible experience – a key factor in building trustworthiness.
  3. Rankings – Google’s search algorithm treats security as a ranking factor. They are actually pushing towards what they call “HTTPS everywhere” and clearly stated that sites that show an SSL are going to be treated better in terms of rankings.

However, Google started to push harder in terms of website security, which makes it even more critical to deploy an SSL.

Why do I Need it Now?

Not so long ago, HTTPS and SSL were heavy in terms of web performance and could ultimately end up slowing your site. However, this is not the case anymore as HTTPS technology has progressed and the impact of SSLs on performance became minimal or non-existent.

With SSLs no longer being heavy and obstructing website performance, Google is shifting from boosting secured sites to actually penalizing those who aren’t. It’s a big step towards achieving their goal of a completely “safe Internet”.

If you’re looking to keep up with Google’s best practices, it’s time to get your website an SSL certificate. As there are many types of SSL certificates one could dwell on which one to pick to best cover his needs. Here are the top 3 most important you should focus on:

  1. Private certificates – Customers purchase their own single SSL certificate and have a dedicated IP address on each server for the domain the certificate was purchased for.
  2. Wild card certificates – Enables SSL encryption on unlimited sub-domains with a single certificate as long as the domains share the same name and are owned by the same organization.
  3. Multi-domain certificates – Enables securing up to a couple of hundred domains on the same server with a single certificate. It’s the best solution for businesses that host multiple unique domains on a single server as it saves money while enabling a high standard of security and trust.

Once you get your SSL certificate you might want to display it. They usually come with a trust seal or badge that you can put somewhere on your website or Facebook Application page to put more emphasis on showing how much you care about your users online security.

Conclusion

We hope this article helped you understand the reasons to why you should implement an SSL certificate along your online assets. Considering that the performance of a website (page load time) and the level of security standard it provides are becoming increasingly important as SEO factors, you might want consider wrapping your website with a CDN to make it faster. Even though SSL are not as heavy in terms of web performance as they used to, an SSL session requires multiple round trip communications between a client and server. With a CDN in place, this exchange is always closer to the end-user resulting in no delay and provides fast, consistent and secure performance worldwide. That way, beside showing your users that you are ready to go the extra mile, you can also protect your site from increasingly dangerous DDoS attacks as CDNs can easily absorb them. They often provide their own free and easy to deploy SSL certificates. Also, if you already have an SSL it is easy to integrate it with a CDN solution.

To sum up, we strongly advise you to seriously evaluate your website performance and security standards as today they are more critical than ever before in terms of online reputation and trustworthiness. Want your customers to trust your website? Treat it with an SSL certificate, you won’t regret it and Google will love you more.