Have you ever noticed that some website addresses start with ‘http://’ while others start with ‘https://’?
Perhaps you saw that extra ‘s’ when you were browsing an online shop, logged in to your internet banking or perhaps when booking a doctors appointment.
But where did that extra ‘s’ come from, and what exactly does it mean?
An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection.
In plain language, that extra ‘s’ means your connection to that website is secure. Any data you enter is safely shared with that website.
The technology that powers that little ‘s’ is called SSL, which stands for ‘Secure Sockets Layer’. Read on to learn how SSL works, how it forms a part of your cybersecurity strategy and how you can buy an SSL Certificate to keep your website safe.
Want to learn more about SSL and why it’s so important? Check out our Top 5 tips below:
As a consumer, you always want to see ‘https://’ when visiting websites that involve sharing your sensitive information. This could be your credit card details or address information perhaps. Likewise; as a business owner, you will want to make sure you have an SSL Certificate to help keep your website safe and secure.
1. What is an SSL Certificate?
An SSL certificate works by creating an encrypted connection between you and the website to establish trust.
One of the most important elements of online business is creating a trusted environment where website visitors and customers alike feel confident in making purchases.
An SSL (secure sockets layer) certificate creates a foundation of trust by verifying the identity of a website and securing a connection between the web page and the web browser. If you operate an e-Commerce website and are asking your customers to input sensitive information such as their credit card number, or collect other identifiable information, an SSL certificate ensures that information transmitted to and from your website is encrypted.
SSL Certificates form the cornerstone of modern cyber security strategies because they greatly help to reduce hacks on a businesses website.
Gartner predicts an increase of 45% in cyber-attacks by the end of 2025.
In order to assure website visitors that their connection is safe and secure, web browsers such as Google Chrome, provide visual cues which are often called EV indicators.
These indicators can be anything from a green padlock to a branded URL bar, regardless of the method – they can all be seen easily which should make you feel more confident you’re shopping in a safe place.
You can tell that a website has an SSL certificate installed when HTTPS (Hypertext Transfer Protocol Secure) appears in front of the URL (i.e https://viewfule.com/news). On the other hand, if a website does not encrypt its data you will see a warning sign and the words ‘not secure’.
So, what does an SSL certificate look like?
If you click on the small padlock that appears next to any website with HTTPS in front of the URL, you’ll be able to view the information about its SSL certificate.
You’ll see the name of the certificate holder, the issuer and the validity period. All SSL certificates expire eventually and require renewal.
An SSL certificate contains many details about the issuer of the certificate, a copy of the issuer’s public key and a digital signature of the certificate issuer. Here is what our SSL certificate looks like:
2. How can I tell if my website is protected by an SSL Certificate?
Head over to Qualys SSL Labs and perform a free SSL Server Test on your website. It will take a few minutes to complete, but once it’s done, it’ll provide you with a wealth of information on the security status of your website.
It will grade your website from A+ to F and as you can see from the test performed on our website above – it checks a lot more that just your website. They interrogate the quality of the SSL certificate and the secure protocols your web server supports too, amongst others.
The Qualys SSL Labs test is one of the best cybersecurity tools in the world – and it’s 100% free.
This is a comprehensive website security assessment which is why it’s one of the best in the world. Trust what it says. Rarely do 100% free tools come along that are worth their weight in gold, but this one truly is.
Not all website security is created equal, far from it in fact, and SSL certificates are no exception. There are strong ones and weak ones, this free checker by Qualys is superb at rooting out the weak ones that are likely to cost you in the long-term so we encourage you to act upon it’s advice. Speaking of weak certificates, we strongly recommend against using the free ‘Let’s Encrypt’ SSL Certificates, they do practically nothing to improve your website’s security posture and certainly won’t help you financially recover in the case of a hack.
The last thing you want is to believe your website is secure, to then end up being hacked because a weak SSL certificate was chosen that wasn’t suitable for your use case – ask yourself this question, is it worth the risk? We’re only talking a few extra dollars here.
If your website has a grade lower than B, please do reach out to us so we can help restore the security of your website. It’s a fast and affordable service we offer clients world-wide.
3. Why should I buy an SSL Certificate?
If you own a basic website, you should have an SSL certificate but it’s not essential. In the spirit of full disclosure, your website will work perfectly fine without one. But if you are mindful of cybersecurity and the ever present threat of hacks, you really ought to invest in one.
However, if you are running an e-Commerce website or anything that involves asking users to login with a username and password, or are collecting sensitive information such as credit card numbers, address details or financial accounts – you absolutely need an SSL certificate to ensure the transmission of the data is safe and secure. Ask yourself this question, how would you feel if the situation were reversed?
Improve your cybersecurity posture with an SSL certificate – this means less chance of a hack.
The total number of attacks, per company, increased from 206 to 270 year over year in 2021. Which is an increase of over 30% – an SSL Certificate helps to increase your website security so you don’t fall victim to an attack. As these threats are very real and increasing, adding additional layers of security is a wise move.
Many website owners choose to have an SSL certificate even if they are not collecting sensitive information (such as credit card numbers) because they don’t want to be perceived as not keeping up with the times. So many websites embrace SSL these days – over 1.8 million SSL certificates have been issued as of 2021 – and so your decision goes a long way to reassure nervous buyers you are a trustworthy company and keeping up with modern trends.
Another major perk of SSL certificates are the warranties. Some come bundled with a form of insurance should the worst happen and an SSL failure was deemed the culprit. You might be able to claim anywhere from $500k right up to $3million to help your company financially recover. For some businesses, this reason alone is worth investing in one.
Boost your search engine rankings with a premium SSL Certificate.
Lastly, Google’s algorithm rewards websites that have them. SSL certificates are directly linked to Search Engine Optimisation, or SEO, so this value-add should not be overlooked. Especially if you are actively investing in your Web SEO. Your website will be given a boost in the search engine results pages (SERPs) if you have strong SSL certificate.
4. What are the different types of SSL Certificates?
There are three different types of SSL certificate. They are:
- Domain Validated (DV)
- Organization Validation (OV)
- Extended Validation (EV)
The one that’s best suited for you will depend on your website and how much security you need:
- DV SSL is best suited to personal websites or small projects and is the least expensive of the three. A DV SSL Certificate requires that the website owner verify that the domain is registered to the domain owner, this is achieved through the WHOIS database and makes them fast to issue. These are the most popular SSL Certificates with over 80% of the market share.
- OV SSL is best suited to every day businesses or non-profits, and requires a higher level of verification to attain. As a result of these additional checks, an OV SSL Certificate is considered more secure than a DV SSL Certificate. The certificate issuer verifies the address and location of the owner prior to issue. These are popular certificates and occupy just over 17% of the market share.
- EV SSL is best for e-Commerce businesses and organisations that exchange financial data (such as Banks and Lenders) as it offers the highest level of protection. In addition, these certificates offer the highest monetary warranties to any website affected by a failure of the SSL. The downside to all this protection however is the cost, they can be 10x more expensive than a DV SSL Certificate which is why they only hold around 2% of the market share.
It’s probably worth mentioning at this point there are variations of the types of SSL certificates outlined above. Their purpose is to make like easier if you own lots of domains or sub-domains as you only need to buy one SSL certificate and they’re all protected in one go. The variations are known as:
- Single Domain SSL Certificate (only covers a single domain name and sub-domain).
- Wildcard SSL Certificate (covers a single domain but an unlimited number of sub-domains, often include warranties).
- Multi-Domain SSL Certificate (covers all top-level domains you own for your business, such as a ‘.nz’ and ‘.co.nz’ etc, include good warranties).
- Multi-Domain Wildcard SSL Certificate covers all top-level domains as above and includes unlimited number of sub-domains, include excellent warranties)
To summarise all the information above, if you’re looking for the strongest SSL Certificate on the market for a business that operates many different domain names – consider a Multi-Domain EV Wildcard SSL Certificate.
Likewise, if you’re a small business owner who only needs one to protect their basic one page website and only own one domain name – consider a Single Domain DV SSL Certificate.
Obviously every business is different and ought to be assessed carefully for their cybersecurity needs, but this is a good rule of thumb to follow.
5. Where do I buy an SSL Certificate for my website?
We highly recommend The SSL Store which is now part of the DigiCert family – a founding name in SSL Certificates.
The SSL Store has over 15 years of SSL & Cybersecurity experience with access to over 110+ products through their online store. They have helped over 200,000 companies around the globe protect their businesses, employees, and customers.
With credentials that strong, this is why we proudly partner with them and actively encourage our clients to purchase an SSL certificate with them directly.
Within 5 minutes, you will have found and purchased the right SSL certificate for your website. They make the whole process really easy and include instructions how to add them too. Now, that’s one less thing to worry about!
Your next steps.
At VIEWFULE, we intimately understand the world of online security is ever changing. Threats come from all corners of the globe these days and sometimes it can make you feel like you’re not in control. But, SSL certificates are one thing that help empower you and take back control. Your website will be much more secure with one than without. But if the worst does happen and you are hacked, even with an SSL certificate, they can come with warranties ranging from $500k – $3million to help you financially recover and get back on your feet. So if having this reassurance is of interest to you, Reach out for your FREE consultation and we’ll talk through SSL certificates for your business to keep you and your customers online shopping experience safe.