Do you need a SSL?

This is an important question facing website owners around the world.  One that until recently only affected those selling online.

First… many of you may be asking… what is an SSL?   A Secure Sockets Layer (SSL), is cryptographic protocols that provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice over IP (VoIP).  Basically, it is encryption which protects your data.

And just as you think you got this… SSLs at now being replaced by Transport Layer Security (TSL) which for the site owner and typical user is a similar in function.  So much that these terms are often used interchangeably or eliminated altogether and packaged under a product called a security certificate.

So, the real question should be… Do you need a security certificate?

For many years security certificates were an additional option for eCommerce sites used to protect the shopping cart experience and the transmission of order information and credit card data.  Over the last several years, payment gateways (the processors of data between shopping carts, credit card users and site owners) have required security certificates prior to processing transactions.

Over the last two years there has been movement by many companies supporting security certificates for informational websites in general.  The thought process has been any information (email, form completion, etc.) should be protected from hackers.

Many in our industry have debated this from several perspectives… what is the cost/benefit, what is the risk of data loss or damage if the data was intercepted, what is the likelihood of someone with the proper skill set, desire, and drive to try and capture data from my site.

While each of these perspectives have valid points, our stance has been that the data that goes through our site has a very low (if any risk of being hacked) and if it were to be hacked, has very little value to anyone other than our team.

For many years this has been a non-issue… but this is changing.

While we cannot say with certainty this is a operational, political, financial or ethic based decision, but Google is now leading the charge to have security certificates assigned to ALL websites.  With their recent release of the Google Chrome Browser, sites that do not have a valid security certificate will generate a warning or pop up advising the visitor the site may not be secure.  This prompt often requires the user to approve their visit, approve a security exception, etc.  Something that many site owners are not happy to have happen.

For now, it’s just Google… but we anticipate this trend will continue.  For this reason, we are bringing this information to the attention of our clients.  Do you need to do anything now?  Nope… but if you are getting complaints or concerns from users, seeing your web traffic drop, or know you have users who use Google Chrome… you may want a security certificate for your site.

Security Certificates are about $150 per year and require 15 minutes of our time to install them.  If you are having issues or looking for some peace of mind to know your visitors are not experiencing issues, contact us today to install a security certificate on your site.

For those on the fence and not sure what to do… if it helps… we opted to install a Security Certificate on our site as we believe it’s a relatively cost effective way to eliminate one more obstacle to visitors learning more about or studio and the vast array of services we offer.