As small business owners trying to survive in the digital world, many of us seem to dance to whatever tune Google is humming. Because of that there has been a lot of discussion lately around whether or not at add SSL security certificates to websites.
(Need to get up to speed? Google announced a while back that they starting to use HTTPS as a ranking factor.)
While it’s hard to ignore something that could potentially give your search results a boost, SSL may be more trouble than it’s worth for some websites. So let’s take a quick look at what SSL is, when you need it and when you don’t.
What is SSL?
SSL is a method of encrypting information that’s entered on your website (such as credit card numbers) in order to create a secure connection between the browser and the web server.
In the simplest terms, think of your website collecting information like a credit card machine does. Once the data is entered it needs to be sent off for processing and you want a secure line to send it through. An SSL certificate creates that secure link for you.
The easiest way to tell if a site has an SSL certificate is if their URL starts with HTTPS and shows a padlock:
Want the more detailed explanation? Try this.
When do I need SSL security?
Google rankings aside, there are some very valid reasons to secure your site with an SSL certificate such as:
Do you sell anything on your website?
If customers are entering their credit card data on your site than you should most definitely have an SSL certificate. Even if your site is a mere portal to PayPal, you want it to be a secure portal, so lock that sucker down.
Do you collect any kind of information on your website?
If you simply have a contact form on your site, you’re just fine. But if you are collecting and storing client information that includes what’s called Personal Identifiable Information – things like address and phone number you may want to look into SSL security.
Diving deeper into things like date of birth and social security numbers? You definitely want an added layer of protection.
Think of it this way, could the information you collect lead to identity theft if it got into the wrong hands? Chilling thought, isn’t it?
HTTPS doesn’t secure your entire website
One thing to mention with all this talk of security: SSL encrypts your data when it’s in transit – moving information from the web browser it was entered in to storage on your server/database/third party credit card processing site. Not when your site is “at rest.”
That means SSL certificates do not make you untouchable to hackers.
Securing your site certainly helps make it harder to crack, but doesn’t void the need for a firewall or general site security measures.
So should you do it?
Putting in a proper SSL certificate can be a bit of a project, so if you’re doing it solely for the ranking factor on Google, than spend your time working on building solid content.
However, if you are collecting information of any kind through your website adding a level of security is really not a bad idea. If you need help, don’t be afraid to ask for it!
