Securing your site with SSLs

SSL stands for Secure Sockets Layer. It is a protocol designed to allow data to be sent securely over the Internet and prevent third-parties from eavesdropping. There are many reasons a website secures itself with SSL protection, and thanks to Google, soon it will be mandatory for every website.

Why use SSL?

There are various levels of SSL protection used by persons and companies engaged in differing activities. Any entity engaged in e-commerce is required to have SSL protection to comply with PCIDSS (Payment Card Industry Data Security Standards) and privacy laws. Medical offices and hospitals that allow patients and doctors to view records online must have it to meet HIPAA (Health Insurance Portability and Accountability Act) laws.

Those with sufficient knowledge can hack, or listen in, on data transmissions performed on unsecured sites, which can compromise user data, such as names, usernames and passwords, financial information and more. Even the price for the most expensive SSL certificate is a drop in the bucket compared to what you’ll pay if customers (and the government) sues you for compromising their data by having an unsecured website that gets hacked.

 

https green bar
To protect themselves and their customers, businesses engaged in financial transactions purchase “green bar” protection. That’s the green lock with green https:// seen in the web address bar when visiting sites like Amazon.com.

Sites that don’t transmit financial data, but want to ensure privacy for user data and interactions often opt for a regular SSL certificate. Users see a gray lock and https://www.site.com instead of a green lock.

Where to get SSL protection?

Web hosting services such as Blue Host, GoDaddy and others selling various levels of SSL protection to their customers, with the “green bar” being the most expensive and comprehensive form of protection. Name Cheap (www.namecheap.com)* currently offers the most reasonable prices for SSL protection.

There are many SSL certificate authorities (or resellers) to purchase an SSL certificate from. Each authority names its SSL certificate tiers different things, so no matter where you choose to purchase a SSL certificate from, read the certificate description to ensure it will meet your security needs.

Let’s Encrypt (https://letsencrypt.org/) is offering free SSL/TLS certificates in the wake of Google’s push to have all domains become secured by SSLs. Sites that remain unsecured (i.e. http://www.site.com instead of https://www.site.com) run the risk of visitors being warned away or prevented from accessing the site in question.

How does SSL work?

When a user visits a website secured by SSL and asks the site to identify itself. The site responds by providing the SSL certificate. Assuming the certificate was issued by a trusted authority, the user’s browser begins a secure session with the website, so any shared data is encrypted.

Secure your site with SSL

There are far more technical explanations of SSL on the Internet, but the above information is a good start at understanding how and why you should secure your website. Don’t run the risk of liability for having an unsecured website. If you’d like to secure your website, but don’t want to mess with doing it yourself, or don’t know how, reach out and let us help. We’ll discuss the functions of your website and what SSL certificate it needs, then obtain and install it for you. Email us at info@jltcreations.com or click the button below.

*An asterisk indicates an affiliate link. JLT Creations may or may not receive a small commission (at no added cost to the visitor) should a visitor click the link and make a purchase.