Truth is, unless you are processing credit card transactions or have a user login area an SSL isn’t required. However, your site (and your sales) will benefit from an SSL. Let me explain.
First, what is an SSL?
Have you ever noticed the “lock” icon in your browser bar or that some sites are https:// instead of http:// ?
That lock icon and extra s means your connection to the website is secure and encrypted, meaning any data you enter is safe. Does that mean data isn’t safe on a non-secure site?
Let’s break it down.
When you complete any form (from a contact form to a credit card field) on an unsecured website and hit submit that information can be intercepted by a hacker. If it’s just your contact information, no big deal, what’s a few more spam emails or robo calls. But, say you enter a password or credit card number…that’s a big deal and a headache to resolve.
Ok, but how does an SSL fix this?
The SSL provides an encrypted certificate that the browser and server use to confirm a safe connection. This means that the data isn’t being intercepted by a hacker.
“SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.” – SSL.com
How does it help?
Google’s Chrome browser, starting with version 62, indicates that a page isn’t secure if it contains any form input fields but no SSL. With Chrome making up almost 50% of the browser market share this impacts a lot of users.
Who cares what Chrome says?
According to recent HubSpot Research, up to 85% of people will not continue browsing if a site is not secure. That’s a large percentage of your site’s traffic that won’t be converting into sales.
Ok, but I don’t have any forms?
First, you site is useless and that needs to be addressed. Call us.
Google and other search engines are now prioritizing sites with SSLs in their search results. This means that if you and your competitor have the exact same content and SEO (search engine optimization) value, but they have an SSL Google will always show them first.
Google did something similar almost 10 years back with a focus on mobile friendly sites. They began demoting sites which didn’t meet their mobile friendly guidelines. This was a reflection of the ever-growing mobile traffic which now exceeds 60% of total internet traffic.
The new SSL push is a reflection of the growing security concerns triggered by numerous data breeches . In most cases an SSL wouldn’t have protected against these large scale data breeches, but an increase in security awareness by consumers results in a reaction from the sites they visit. A site secured with an SSL tells the consumer that their information is safe and that you are who you say you are.
If your site isn’t mobile friendly its well past time to address this, you’re living in the stone ages. Don’t know if you are, check that your site is mobile friendly (in Google’s eyes) at https://search.google.com/test/mobile-friendly
I think I have an SSL, how can I tell?
You will see the https:// in your domain name and a lock icon on your browser bar when you visit your site. Still no sure? Use Hubspot’s Check SSL tool.
Alright I’m sold, now what?
The process is fairly straight forward, but all elements must be done.
First, purchase an SSL license. This is best done through your web master or if you don’t have one your hosting provider. Although numerous sources sell SSLs it tends to be easier to setup when everything is controlled by one person or one host.
Second step is to follow the verification setup prompts and activate the SSL with your domain name (that’s your url like www.domainname.com). Depending on how your domain name is setup you may have to verify through multiple emails and confirmations. In some instances the system verifies without any input from you. If you’re confused during the process contact your web master or hosting provider.
Third step is the most complex but most important. If you’ve done steps one and two but fail to do step three you site is not secure and isn’t recognized as having an SSL. The SSL must be “installed” or setup on the site. This involves numerous items, the most obvious of which is changing site url and internal links to the https preface instead of the unsecure http preface. This means your site will now be https://www.domainname.com, and that s makes a big difference. If any resources (images, files, styles, etc.) don’t’ reference the new secure domain the page will be listed as unsecure and you won’t get that beautiful lock next to your domain name.
Engage Creative offers a service to “install” the SSL on your site. We can also help you with the purchase of the SSL. Use the form below to let us know you’re interested and we will give you an estimate.