Internet security is a necessity when it comes to personal information. Users who feel like their information is being taken care of in a responsible and secure way will have more trust in a website. At Aztek, we push our clients for websites to be as secure as possible, that's why we strongly recommend installing an SSL certificate on all the sites we build. But before getting into the top reasons why you must have a SSL certificate, let's cover what exactly an SSL certificate is.
What is an SSL certificate?
An SSL certificate is digital file that creates a secure link between the web server and a visitor's browser to your website. This ensures that information passed between the user and the website is encrypted. Having an SSL certificate on your website provides integrity that information passed between your visitor and the website has not been tampered with, nor modified by a unknown third-party.
Server certificates can be purchased from many online sources, such as GoDaddy, and Network Solutions; however, you can also get free certificates from Let's Encrypt. Regardless of the source, all must be renewed on a periodic basis.
So now that we are clear on what an SSL certificate is, lets get into why it is important to have one.
1. Protect Your Users
This should go without saying, but if you are collecting any personal information about your website visitors you must take every precaution to protecting their data. "But I'm not collecting any credit card/payment information, my site only has a username and password box to view and download PDFs. "Why am I putting my user's personal information at risk?" you ask. Well, the fact is that users (against best practices) will re-use account credentials from website to website. So while your website may not have any sensitive payment information, the same credentials used on your site may be the same as that user's Amazon Prime account. So if you do not have an SSL certificate installed, a potential attacker could comprise the credentials on your site and use them elsewhere on other top websites.
2. Chrome, Firefox and other Internet Browsers are Changing Their Ways
Chrome and Firefox are instituting changes that will warn users when websites are not using secure server certificate. This includes warning users when a site contains username/password and credit card form fields. Users will see a "Not Secure" message in the address bar. This change was instituted in January 2017 (Chrome 56), and Google has even more changes slated for later include displaying the "Not Secure" warning for ALL sites that do not have an SSL certificate. Read more about this change and future plans.
Example of Not Secure Warning Message in Chrome
Firefox has taken a different, more aggressive approach by tagging the form fields themselves with a warning message.
Example of Insecure Password Warning in Firefox
Conveying the message that your site is trustworthy by having an SSL could be the difference between a visitor staying and interacting with your site, or moving on to your competitor's site.
3. Google Ranking Factors
Google has announced that fast loading sites counts as a ranking factor. Under newer web server platforms, running a site under a secure server certificate may actually improve your site's download speed for your users. This has been made possible by changes in the underlying HTTP/2 protocol architecture that runs on newer web servers . Take advantage of these changes by using content delivery network (CDN) services such as CloudFlare, or hosting your website on newer versions of Windows Server, such as Windows Server 2016. Additionally, as if you need any other reasons, Google as posted back in 2014 that sites running under HTTPS will be used as a ranking signal.
At Aztek, we feel strongly that SSL has been a "must-have" for all new projects and we've even begun retrofitting several old projects over the last couple years. From protecting your website visitors, to gaining trust and confidence about visitors interacting with your website, to potentially improving your Google rankings, using a secure server certificate is a requirement and not an option!
Contact us if you would like to learn more about how we can help with your SSL needs.