SSL- Website Security Demystified

Website Help

Have you ever noticed that some websites URL’s start with ‘http://’ and others start ‘https://’ That extra ’S’ is no typo- it stands for secure. The system behind that one little letter is called SSL or Secure Sockets Layer and is very important for the credibility. search engine optimization, and security of your user’s data.

The overly technical definition of SSL is:

SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.

Okay now – translating that to English…

First off- your browser is the tool you use to view webpages. The most common are: Chrome, Safari, Edge, Firefox, Internet Explorer. 

Let’s say you want to check the hours at the local movie theater. You open your browser, and you type in a domain or click a link from a search engine or other site. Your web browser is retrieving information from the web server that holds the movie theater’s website. That connection can either be secured (https://) or unsecured (http://).

When it is secured the browser and the web server are having a private conversation. When it is unsecured that conversation of data cannot be guaranteed private. This is especially problematic if you submit a form or process a payment. When your data transmits back to the web host it can be intercepted.

The good news is most payment processors force a secured connection but you still need to be careful.

So why does my website need an SSL if I don’t accept payments?

There are two key benefits to an SSL that have nothing to do with personal data. Trust and search engine rankings.

An SSL build trust and credibility- when the top of your browser says ‘not secured’, your potential customer could be turned off.

Higher search engine rankings- Since 2014 Google has used HTTPS has a ranking factor in their search algorithm. They do not tell you how much of a factor it is but it seems to be a significant one. Reference: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html

Final Thought

If your business’s or organization’s website does NOT have an SSL, a great place to start is with your hosting provider. Some include this service, and many will set them up for you for a fee. There are also many sites selling SSL independently which require separate installation. I only suggest those if you are working with a developer or are very comfortable with your hosting files.

And lastly never, ever input your personal data – SSN, bank info, credit card, etc- into an unsecured website. That’s just asking for trouble.