Overview
Web security is important to everyone and has been an industry concern since 1991 when the internet was born into existence. Over the course of the last five years alone, mega-search engine, Google has invested a great deal of time and money into ensuring that website end-users are safeguarded against most of the evils of the internet (e.g., attackers/hackers with malicious intent).
Beginning in 2014, Google noticeably took proactive measures and included HTTPS (HyperText TransferProtocol Secure) as a ranking factor for SEO (Search Engine Optimization). Before the new ranking factor, “HTTPS everywhere,” a browser extension that encrypted communication with most major websites, was introduced. The extension was not as effective as it could be, especially as the number of devices tethered to the web substantially and steadily increased.
According to a recent infographic by tech giant Intel, by the year 2020, there will be over 200 (two-hundred) billion devices connected to the web, which has further escalated digital security concerns. In an attempt to persuade website owners to secure their digital real estate, Google has now almost mandated SSL (Secure Sockets Layer) Certificate Implementation, as the browser has now begun flagging websites that do not have an SSL as “Not Secure.” (see image below)
What is SSL?
Secure Sockets Layer or SSL is a security standard in technology that establishes an encrypted link between a website's server and an internet browser. All data that passes between the browser and server using the encrypted connection remains private, securing the user's personal information.
How SSL works in Laymen’s Terms?
When a user visits an unsecured website, the browser (Google Chrome, Edge, etc.) makes a connection with that website and transmits information publicly. Filling out a form or entering a credit card on an unsecured site means that users are vulnerable to attackers who could intercept the user information and steal the data.
By comparison, a secure website with SSL enabled will establish a tunnel between the server that hosts the website and your browser. Any hackers that try to intercept information cannot access the tunnel, which means any information you share on the website is secure. The secure connection and authentication happens in the background in fractions of a second and will not affect your website’s performance.
What does this mean for website owners?
When an SSL certificate is protecting user data, the customers of a business will have more confidence that any information that they provide will be secure, which in turn will add to the credibility of that company.
How can users tell if your website is secure?
There are many noticeable cues for any website enabled with SSL. Listed below are a few of them:
- HTTPS: Located in your browser’s URL, you may often see "http://" When the additional 's' is present, it displays as "https://" and website visitors can tell the site is secure.
- In some browsers, for example, Google Chrome, the URL bar will show "Secure" (see image below) and display a green lock icon, or if you are using screen reader technology, you will hear the https: to indicate that the website has SSL enabled.
- There are some websites, predominantly eCommerce sites, that will add a badge to the web page indicating that it's secure, this is normally located at the bottom of a web page.
How to Implement an SSL?
Should you find that your website does not have an SSL certificate, and you are concerned about the information of your customers, there are several free and low-cost options available. The only things you need to set up an SSL certificate are:
- A Unique IP address for any SSL certificate you’d like to install
- A CSR (certificate signing request); this snippet of text must be installed on your server before you order your certificate
- Up-to-date contact information in your WHOIS record (check your information here)
- Website owners typically receive their SSL certificates from a certificate authority (CA) within an hour up to a week depending on the type of certificate that is ordered (domain-validated only, organization validated, or extended validation (EV) certificates). Additional information on the types of SSL certificates can be found at this link.
- If this all sounds like too much information, rest easy because all Reason Funding clients on our platform have an SSL certificate installed by our team.
The Take-Away
When your website is secure, you’ll remain in good standing with search engines such as Google. In addition to the SEO benefits, securing a website will show potential customers that you care about protecting their privacy, which adds to the integrity of your brand.
