The importance of SSL certificates

What is an SSL Certificate?

An SSL Certificate (Secure Sockets Layer Certificate) is a digital certificate that is issued by a certificate authority. It is used to confirm the identity of a website and the validity of the data sent to it (usually data being passed by an end user).

Digital certificates are used to secure communications on the internet. They offer a means for websites to authenticate their identity to visitors, ensuring that the information being communicated is encrypted and secure. They provide the reassurance that the website you are visiting is authentic and isn't being manipulated while using it.

If a website does not use an SSL certificate or uses an invalid one, any computer between the website visitor and the web server can read the information being passed between each other. This puts visitors' payment, medical or other personal information at risk of theft and malicious intent. By creating a secure connection and keeping client information secure, this safety feature for your website builds a foundation of consumer confidence.

Here's a bit-size overview of SSL certificates from the team over at Google - link here 🔗

How can you tell if a website uses SSL?

When visiting a website and you see the following padlock symbol, it indicates that the site you are accessing is using a valid SSL certificate.

Another way of checking is by making sure the first thing to appear n the address bar is HTTPS and not HTTP. The "S" at the end of that text implies that your connection is secure. A basic step all website providers should take is to disable the HTTP version of their sites and ensure all visitors are forced to use the HTTPS version. This not only protects your users but also your site itself.

NOTE: Just because you are accessing the HTTPS version, doesn't always guarantee a secure connection. See the next section to find out why!

How to spot an unencrypted site

If you see the following, it indicates that your information is not encrypted and that any data you input into the site can be intercepted or manipulated in transit. You should try going to the https://domain.com version of the website instead of http://domain.com.

In some cases, you may be accessing a site with a certificate but it may be misconfigured or have surpassed its renewal date. - which nullifies its purpose. In such instances, your web browser may warn you before proceeding to the site, or block it entirely! The below image is an example of a website using an SSL certificate that has expired.

By providing visitors with a secure experience, you increase their willingness to spend time on your site. Don't let scary warning messages and security pop-ups make you miss out on the chance for new business!

Reasons you need an SSL certificate

🔒 Protects User Data

It protects the communication between the data server and the browser. All the data that traverses between your visitors and the server is encrypted and cannot be read by a third party. Visitors can securely use contact forms, and input payment and login information without the worry of someone maliciously intercepting the data and using it for their benefit.

💼 Industry Requirement

It's a baseline requirement for any HIPPA or SOC-accredited business to use SSL certificates on all of its digital mediums. An example of this may be an online contact form for a GP surgery. The data being input could contain personal medical information and must be encrypted to prevent data theft.

🔎 Increased Search Engine Ranks

Many search engines, especially Google, provide an upper hand to websites with SSL certificates. For better search engine optimization and to attract more traffic to the website, SSL certificates are essential.

🏦 Meets PCI Standards

If your website deals with online payments, you must comply with the PCI (Payment Card Industry) Data Security Standards. Among the 12 requirements stated by PCI, one is to have an SSL certificate. If you don't have an SSL certificate, you might suffer hefty penalties from credit card companies.

Securing your website

Nowadays, website providers should be providing their customers with a secure product as a standard level of service. Security is a cornerstone of VISCREO's business practices. We pre-configure all our hosting options to be as secure as possible from the first second of launch!

In the context of using certificates, there are a few very simple steps you can take to begin securing your website.

The "How can you tell if a website uses SSL?" section of this article covers the simplest way to check check if your website has an SSL certificate installed. This is the first step in determining how secure your website is. Receiving a warning or an error message? Get in touch with a member of our team and we'll provide a free audit and steps on how to correct the issue.

NOTE: We recommend that you check this with your anti-virus temporarily disabled. Some more powerful AV software will sometimes install their own certificates locally on your computer so may not give you an accurate representation of how secure your website really is.

Check out the below section for an additional 4 easy steps you can perform to help secure your website.

Additional steps to check

🔀 Always use HTTPS

You should force your visitors to only use the secure version of your website by redirecting all HTTP traffic to HTTPS instead. This is typically achieved through the settings on your hosting platform, so it's worth checking their specific documentation for steps on how to do so.

🗓️ Check your renewal date

It's all too common for websites to use expired certificates. In some cases, this can become more disruptive than not having one at all. Make note of the expiry date on your certificate, ensure the payment details are up to date and plan to renew it at least a week ahead of time.

🚀 Switch hosting provider

Some hosting providers - such as the ones we use - come with SSL as standard. To further strengthen this, we also configure all our websites to only use HTTPS. We make security our first priority!

📑 Get in touch for a free report

We don't expect everyone to be technical experts, that's what we are here for. Get in touch with VISCREO for a free, no-commitment report audit of your website; including some simple, actionable steps for you to implement.