What is an SSL and Why is Google Making Me Get One?
If you do not yet have an SSL (Secure Sockets Layer) for your website, it is time to strongly consider acquiring one. SSL is the means by which a web server and a browser create an encrypted connection. This connection “ensures that all data passed between the web server and browsers remain private” (from serverguy.com https://serverguy.com/security/google-forcing-ssl-certificate-websites/). Analogous to using a key, SSL ensures that information can only be “unlocked” by the intended recipient. Data in transit is attractive to hackers as they attempt to eavesdrop or intercept connections, so the use of SSL ensures that data is scrambled as it transfers from one system or server to another.
The need for the SSL security measure has grown beyond its original use of online credit card payments. Nowadays, sensitive information exchanged online goes beyond credit card transactions to include usernames, passwords, personal information (email address, street address, phone number), personal health information, and financial information (bank account, PayPal account, Social Security numbers) that may be used or sold by hackers. It’s happened repeatedly: Yahoo, Experian, LinkedIn, Target, and JPMorgan and Chase are only a few of the prominent companies that have suffered data breaches in the last five years.
However, don’t assume that just because you’re a small company no one is targeting you. Any website that handles text input – any type of information entered by users, especially sensitive information – is a potential target for hackers. With statistics like “a personal computer is hacked every six seconds,” small-scale websites cannot afford to assume that they won’t be targeted simply because they don’t carry a big name (from privacypolices.com https://privacypolicies.com/blog/stop-hackers/).
Less prominent websites are perfect targets for cybercriminals since they frequently spend less money on cybersecurity measures. Like leaving your car unlocked with keys in the ignition, less security is a weakness that makes small websites easier targets. This does not mean that websites should spend beyond their means.
They should opt for what is increasingly becoming commonplace and even required: SSL certification. As SSL becomes standard issue, it is simultaneously becoming easier and more affordable to obtain.
While Google is not exactly requiring websites to have SSLs, they are greatly incentivizing the security measure. A mere month ago, Google began designating all websites without SSL certification as “not secure.” According to a Chrome blog, “For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS [SSL] encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as ‘not secure.’”
As Gina Ramsey of Pink Dog Digital puts it, “It is vital to ensure the security of the people who submit information via your website. It is your responsibility as a business owner”. Not only does SSL provide protection, but it also demonstrates to consumers that you as a business take their information and privacy seriously and have taken measures to protect it. This step strengthens clients’ perception of you as credible and trustworthy.
If you need help securing an SSL for your website, please contact Pink Dog Digital at 410.696.3305, email us at firstname.lastname@example.org, or visit us on the web at www.pinkdogdigital.com. SSL is provided free of charge to all hosted clients.