HTTPS vs HTTP
Cyber security has never been as “hot” and relevant as it is today. With Equifax being the most recent victim, it’s glaringly clear that no entity is safe. Is your business website secured with an SSL Certificate?
The pitfall we’re finding is that many small to medium size businesses don’t think they are at risk due to their size. Regardless your size, if your business has a website presence cyber security should be top of mind. Just think, an average cost of a data breach for a small business merchant is $36,000.
Securing Your Site With an SSL Certificate
Have your site SSL certified. Why SSL? It gives your customers and visitors a sense of protection and trust when on your site. SSL (stands for Secure Sockets Layer) is an encrypted data exchange script which runs between the server and the browser ensuring that the data passed back and forth is protected from hacking or phishing attempts. The easiest way to determine whether a site has an SSL certificate is by checking the page address in the browser. HTTPS means it’s a verified secure website with an SSL certificate. HTTP indicates the site doesn’t have a security certificate.
To be fair, not every website needs an SSL certificate. So who does?
- Ecommerce sites – If you sell goods online, SSL is non-negotiable. You absolutely must invest in security certification. A lot of sensitive data such as social security number, credit card, etc. is collected on ecommerce websites. It’s essential for that information to be protected.
- Membership sites – If customers are required to have username and password to access your website (or parts of it) then an SSL is needed. Personal information is stored on such sites and should be protected from hackers.
- Sites with Web Forms – If you’re collecting even basic information such as name and email address that information should be secured. Your visitors would want it that way.
Additional benefit of SSL is SEO ranking, Google has said it will serve sites with SSL certificates ahead of non-certified sites on result pages.
How Do I Implement an SSL Certificate?
After you assess your website usage and determine that SSL certification is needed the process that follows is fairly straight-forward. What you need to do:
- Purchase SSL Certificate – determine the type of certificate which best suits your business needs. A couple popular options: Domain Validation (DV), Organization Validation (OV) or Extended Validation (EV)
- Generate and submit your Certificate Signing Request (CSR) – this uniquely identifies your server and site information
- Validate your request – The domain owner confirms that they are in control of the domain
- Install SSL on your server
It should be said that depending on the type of SSL certificate you choose; additional work is required to provide necessary documentation and maintenance.
It’s clear that website security is an important business decision. If you need help navigating all the choices and finding the best solution for your business reach out and speak with our experts at 312-339-9359.
Additional Resources on the issue: