Short answer: Yes. The chances of people browsing your site are slim without an SSL.
So, what gives with SSLs? What are they? How do they work? How do my site’s visitors know I have one? Do I really need one? What are my options? Hopefully, after reading this blog post, you will have answers to all these questions and more. Let’s start from the beginning…
What is an SSL?
In recent years, SSLs have become a basic requirement for websites and online businesses. SSL stands for Secure Sockets Layer and is used to protect the information other people enter on your website. Notably, SSLs protect your customers from ill-intentioned hackers who are looking to steal sensitive data and use it to their advantage. Additionally, it verifies ownership of a website, so customers can trust that your site is legitimate. When visitors sign up for your monthly newsletter, or enter their credit card information to make a purchase on your site, having an SSL reassures them that their data is safe and that your website is secure.
How does it work?
In simple terms, an SSL encrypts information as it travels from a browser to a web server. In what is commonly known as the SSL “handshake”, encryption keys (a public and private key) are used to encrypt and decrypt data as it travels through a network.
For example, take your credit card number: if you use an SSL, rather than 1111 1111 1111 1111 being exposed as it travels through the network, only a random combination of letters, symbols and numbers would be exposed, something like t3dW$s5R+n1AxV4j. A public key is used to create that encoded number, and it can only be decoded using the private key stored within the site’s server. Once it reaches the server, the number is decrypted so that the order can be processed.
How do visitors know my website has one?
There are several visual indicators that let customers know they are entering a safe website. For example, take a look at this blog’s URL.
(use blog page url as example?)
See that little padlock icon? That’s a sign of a secure connection. Also, see how it says “https://” before the website address? The “s” after the “http” means that the site is secured by an SSL certificate. If you click on the padlock icon, you can find more details about the SSL certificate being used.
Do I need an SSL?
Since 2014, Google has put so much emphasis on SSLs that they rank sites using HTTPS higher than those that don’t use it. More recently, in 2018, Google’s chrome browser began to mark HTTP websites as “Not Secure.” As such, SSLs have basically become a requirement for online businesses, especially if you are accepting payments online. In fact, it’s one of the requirements for Payment Card Industry (PCI) Compliance, ensuring merchants use the latest technology to establish secure connections.
How do I choose the right SSL?
The three common types of SSLs available today are domain validated (DV), organization validated (OV), and extended validation (EV) SSLs. The main difference between these lies in the amount of work that gets put into verifying your business. For example, with domain validated SSLs, users only need to prove to the Certificate Authority that they own the domain name. (A Certificate Authority, or CA is simply a trusted entity that issues digital certificates.)
At Media Temple, we now offer three types of domain validated certificates: Standard, Multi-Domain, and Wildcard. Each of these cover a specific number of domains depending on your needs.
There you have it! Having SSL encryption is an essential part of gaining the trust of your site’s visitors. If you have questions about which SSL is right for you or about SSLs in general, reach out anytime. We’re always here to help.