UPDATE — JULY 24, 2018: Today Google began rolling out Chrome 68. Now, Google’s browser will display a “Not Secure” warning next to the website in the address bar if the site is not secured with HTTPS.
You might have seen warnings saying ‘Your connection is not private’ while browsing the internet many times. Now, imagine your customers seeing a ‘Not Secure’ warning when they try to open your business website. What do you think will happen? They’ll think twice before entering your site. The way to avoid this is simple: SSL protection.
More and more people are looking for security signals like the padlock icon before submitting their name, email, passwords or payment details to any website. And the only way to get the padlock for your website is by installing an SSL certificate. This digital certificate will keep your website free of “Not Secure” warnings and labels.
What is an SSL certificate?
SSL is a software that creates a secure, encrypted link between a visitor’s browser and the web server. Once the link has been made, any information entered on the website is encrypted — making it immune to man-in-the-middle attacks and other common hacks.
Let’s say, you have a small website and a niche customer base. Now, although all your customers might not know how SSL helps to safeguard their online activities, they still care about their personal data (hello, GDPR!).
And they’ll easily spot whether you have it by looking at your URL. Because the URL of any SSL-protected website displays two indicators:
- A green padlock
- An “S” added to the HTTP prefix — HTTPS
If a website doesn’t have these two things, smart web users walk away.
How SSL protection works
As soon as a website visitor enters an SSL-protected area of your website, your SSL certificate automatically creates a secure, encrypted tunnel through which exchanges can safely move. Once established, the green padlock and HTTPS prefix appear in the customer’s browser bar — an easy-to-spot visual indicator showing they have no need to fear data loss or theft.
Now, you can engage with customers through a secure 2048-bit encrypted connection, allowing the exchange of data without eavesdropping or interception.
Note: Your site is most secure when SSL is deployed on all pages and subdomains.
Benefits of SSL protection
Google Chrome’s 2018 policy of labeling all sites without an SSL certificate as ‘Not Secure’ shouldn’t be the only push to get an SSL for your business website.
There are plenty of good reasons to install SSL protection on your site:
- It helps you build trust as a reputable and credible business — customers can see you’re working to protect their privacy.
- Clients are more likely to interact with your website when they see HTTPS and a green padlock in their browser.
- It secures online exchanges with your website using virtually unbreakable encryption.
- You protect your business and clients from cyberscams and avoid the embarrassment of being hacked.
- An SSL certificate improves your search rankings, bumping your website above those that don’t have SSL protection.
Best of all, with an SSL installed on your website, both you and your clients know the data you send is going to the intended recipient … not a hacker or scammer.
Which SSL certificate is right for me?
There are different SSL certificates in the market, with many vendors offering them. SSL certificates are grouped into two categories: Validation level and the number of websites to be protected.
Domain Validation (DV) SSL
Great for: A blog or a personal website. Get it
The lowest level of validation, this certificate only verifies your ownership of the domain used for the website (learn the difference between a domain and a website here).
For example, free SSLs such as those offered by Let’s Encrypt validate domain ownership. Free SSL certificates are a good option for anyone with technical skills, an understanding of shell commands and shell access to their hosting account. Not tech-savvy? No problem — there are plenty of DV certificates that don’t require technical know-how.
Since there’s no manual resource involved in DV verification, these SSLs are fastest to get. They take a few minutes to hours to activate using an automated process, mostly over email.
Organization Validation (OV) SSL
Great for: Websites of information-driven organizations like a nonprofit or educational group. Get it
Here, the issuing Certificate Authority (CA) vets company details, verifying the business existence as well as the applicant’s name, address and domain ownership. This way customers can feel certain they’re engaging with a trustworthy organization — not a shell company.
Because of the manual vetting method, this certificate takes a few days to get.
Extended Validation (EV) SSL
Great for: Sites that require the highest level of SSL protection — eCommerce, banking and healthcare, for example. Get it
The strictest of the three, EV certificates provide the highest security and trust for businesses online. Applicant companies go through a rigorous background check conducted by a human resource. Here, the SSL provider verifies the company is:
- Legally registered.
- Currently in operation.
- Located at the address listed.
- At the telephone number listed.
- Owns the website domain name.
Due to the verification process by human resources, EVs take more time to get and are also the most expensive. However, once received, they display the HTTPS prefix, lock icon and the registrant’s business name in a green address bar at the top of the visitor’s screen. This highly visible indicator lets visitors know they’re safe to submit private information to your website.
If you have more than one website or a website and subdomains you want to protect with one SSL certificate, select your category above and then combine it with one of these:
- Multi-Domain (SAN) Certificate
If your business has more than one website, this is for you. For example, you’ll get to safeguard www.yourbusiness.com, www.ourbusiness.com and www.mybusiness.com with one SSL certificate. Get it
- Wildcard Certificate
With this certificate, you can protect multiple subdomains under a single domain. For example, a Wildcard will protect yourbusiness.com (your primary website), as well as blog.yourbusiness.com (your business blog), and mail.yourbusiness.com, etc. Get it
Difference between free and paid SSLs
Funds are often limited in small businesses, so you might wonder about the difference between free and paid SSL protection.
- Offer a variety of authentication levels
- Cost more and take time (compared to free ones)
- Scale with your business as it grows and changes
- Give you the freedom to choose term length
- Provide uninterrupted customer support
- Only offer basic vetting (i.e. domain validation)
- Are completely automated
- Have a strict term length
- Don’t have live customer support
Regardless of the SSL you choose, remember you can always upgrade your SSL protection at any time.
Make it your duty to protect your brand assets, including your website, in this competitive wilderness called the internet.
Whether you’re a solopreneur or own a growing enterprise, an SSL certificate drives your business forward. Safeguarding your customers’ privacy by using high-level data encryption for every interaction will result in more customers and stronger, longer relationships.