SSL Security for your website

Data security is important. In previous posts we’ve touched on topics such as securing your online accounts, securing your server and securing weaknesses from the inside, but what about securing your website? More specifically, the connection to your website?

As websites are served to users, the information travels across a network computer to computer. In many cases, server to computer. In this connection, potentially sensitive information is carried across a network with the risk of it being intercepted by any rogue user in between.

This is where SSL (Secure Sockets Layer) plays it’s part. SSL is an encryption technology that is used to protect the communications between a user and a web server. This makes the information unreadable until it reaches it intended destination.

In addition to this, SSL certificates provide authentication that you are sending information to the right server and not falling into the trap of an imitation site designed to steal your personal data (phishing).

Online users are now far more educated with online security than ever. A significant portion of regular online users would be already aware of the security padlock that exists on browsers when transacting online, and would be looking out for these when doing business with a newly discovered site.

SSL is a critical component to running an ecommerce site. In order to accept payments and comply with the Payment Card Industry (PCI Compliance) a SSL Certificate is required.

As you may have noticed, online security awareness is on the rise alongside the growth of the digital frontier. Whether you do online banking, shopping or have any sort of account that requires sensitive personal information, it has never been more relevant to be concerned about online security.

In fact, just a couple years ago, Google backed this importance by saying they want to help drive for a much safer web. As a result, sites using SSL would typically see favourable ranking boosts than those that don’t. Whilst this doesn’t mean that you should rush out to get an SSL just so you can rank better, it definitely puts into perspective the shift of moving to a more secure web experience.

For the record, getting an SSL certificate doesn’t automatically entitle you to the first page of Google. SEO doesn’t work like that…

It is also important to stress that an SSL certificate only encrypts the data sent over a connection. It’s purpose is to prevent the data being read without valid authentication. It doesn’t however, stop your website, server or users being attacked directly via other means.

Having a SSL Certificate doesn’t protect your site against attacks and external threats, but as any concerning website owner, you should take the appropriate measures to beef up your online security as part of a wider cyber security initiative.
If you deal with transactions online, having one is more of a requirement than an option.

Acquiring an SSL certificate does mean additional costs, and you would also need a dedicated IP address too. But considering we hear news almost everyday about new cyber security threats, skimping on security measures isn’t really an option anymore.