Does my website need an SSL and what does it mean?
SSL stands for ‘secure sockets layer’ and is a form of web security for websites, applications and eCommerce websites that handle sensitive information like personal details and card details. It creates a secure connection between a visitor’s web browser and the server that the website is hosted on.
HyperText Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website you are connected to. Using HTTPS, both devices agree on a ‘code’ between them, and then scramble the messages using that code so that no-one in between can read them. This keeps your information safe and secure.
How can I see if a website has an SSL?
You will see HTTPS at the beginning of the website URL which is usually green and you will also notice a padlock icon which symbolises that the connection is secure. If you want to find out more information about the secure URL and who encrypts it, then you can click on the padlock icon and view the certificate information.
Why should I put an SSL on my site? Do I really need one?
There are a few things to consider when deciding on whether you need an SSL for your website or not, a few of them are listed below.
- If a user sees a green padlock (over an ‘unsecure’ message) they are more likely to stay on your website.
- If you sell items online or users can sign up to your website, you should have an SSL installed for your insurance and peace of mind. It protects their personal data in transit.
- An SSL improves SEO (your search engine rankings). Google now boosts websites which are secure rather than websites which do not have SSLs. Even for the rankings on Google, it’s worth it.
- PCI Compliance. If your organisation requires PCI checks then you must have an SSL as part of a penetration test.
- ISO Compliance. If your company uses best practices by having ISO accreditations then you should have an SSL for data protection.