If you manage a website or marketing activities, you may have heard of secure sockets layer (SSL) and transport layer security (TLS) certificates. These certificates are installed on a website to encrypt data transfer between the website’s server and the browser. Once these certificates are installed, the web traffic between the web browser and the web server will be secured including credit card transactions, logins and data transfers.
The difference between TSL and SSL is minimal and while there are discrepancies, they both accomplish the secure connection required for your business.
For the technically inclined out there, the process goes like so. The data traveling between the two machines is encrypted and put into a specific size depending on the code and sent to the network transport layer. The code then encrypts and the SSL or TSL certificates are then used to complete the process and confirm the encryption.
You can check whether you have an SSL or TLS certificate by simply typing in your URL and then putting https:// before the www. If the website is secure the website will load but with https:// in front. If it isn’t secure but you have set up an automatic redirect map from https:// to HTTP it will automatically redirect to the not secure site but with a message. If you haven’t purchased the certificate and set up a redirect, the below screen will come up informing you that the website is not private and the risks that incur.
If you’ve done this quick check and it appears you don’t have a secure website, here are a few reasons why everyone should have an https website URL.
So, let’s start with the obvious, cybersecurity and safety. A lot of smaller businesses and websites assume their site is too small to get hacked but this is a massive inaccuracy. Most hacking is completed by bots searching for any vulnerabilities, regardless of the size of the website. Without this extra layer of protection, you’re opening yourself up to hackers. The websites in particular need of a security certificate are those accepting payments, have passwords and login portals or any web forms. A lot of web hosting companies require you to have this security certificate before you can install a payment gateway. As a user, would you really want to put in your card details on a website that has no protection between your computer and the server, allowing interception en route? This is exactly the same with anything that involves a password. Many people have the same password for multiple accounts so every avenue you input your password needs to be secure.
On this data note, the wonderful General Data Protection Regulation (GDPR) is another reason why security certificates on websites are so important. With the new data protection regulation, it’s imperative that any business collecting personal identifiable date has put in the correct security measures to protect it. Some websites work by collecting information about their users and retargeting them or marketing to them in different ways. If you are one of these, data you gather needs to be collected in a safe and secure way without interference. If you haven’t installed a TSL certificate and your data gets breached, you have to inform the ICO and your affected customers of the incident resulting in the decrease of brand trust and an increase of cost to ensure future compliance.
You may have noticed that Google is flagging websites as “not secure”. It implemented this measure in 2017 and it was estimated two-thirds of websites would be labeled as not secure. However, not only is a secure website a way to stand out from the crowd currently, it is also noted by Moz that there was a slight correlation between https and higher search rankings.
On top of that, GlobalSign’s research reveals that 84% of users would abandon a purchase if data was sent over an insecure connection. This bounce rate from Google would also play a part in search rankings and definitely be a tiebreaker for websites with equal visitors and domain authority. This focus on secure websites will only increase in the SEO world with developments on already existing algorithms.
Although these certificates do come at a charge, normally around £70 per year, the investment is well worth it with more pressure from search engines and customers to have a safe portal they can navigate and use. The increase of people purchasing TSL certificates will only rise with more compliance and pressure being put on companies, especially e-commerce, to have this requirement. From small businesses to huge corporations, no business wants to be associated with that “not secure” label so it’s a cost worth incurring. Cybersecurity has never been more important and each and every company has to implement steps to ensure their customer’s security.