Online Security: An SSL (Secure Sockets Layer)
22nd January 2018
In order to combat this ever-increasing threat of cyber-attacks, Google rolled out an update to their Chrome web browser in October. This change flags to users that, the website they're using, contains a form requiring them to submit - potentially sensitive - information but that it's lacking a basic security feature; an SSL (Secure Sockets Layer).
Internet security has been a hot topic in recent years, notably following recent high-profile hacking, phishing and ransomware cyber-attack cases; affecting hospitals, airports and universities worldwide.
What is an SSL & Why Does it Matter?
An SSL is a security protocol, providing a secure channel between two devices, operating over the internet. It works by encrypting the link, and the data being passed (i.e. personal data, credit card information, passwords), ensuring that this is being transferred privately and securely. This works to confirm that the user's information is maintained safely and privately, from any potential hacking cyber-attack.
Understanding the growing importance of cyber security, Google has also chosen to promote this change within its Chrome internet browser. Given their massive web browser market share (around 60% according to many estimates), the company continue working hard to provide the safest environment possible, for all of its users.
You may have also seen the following television advertisement over recent months, courtesy of Barclays;
An education piece in raising awareness of potential online security risks, and hacking vulnerabilities, is clearly - and with good reason - at the forefront of many business' marketing agenda.
- How Do You Know If a Website Has an SSL?
- Within Google Chrome, users will be notified if a website is considered ‘Not Secure’ with a notice within the search bar, informing the user of the potential vulnerability of the site.
- The influence this has had, on the average user since 2017, has become the deciding factor as to whether they visit the site or go to another; with over 80% of UK users stating they would leave a website if they were presented with a ‘Not Secure’ SSL message.
- For online businesses this is far from ideal, as not only are you losing out on valuable customers/clients - potentially to your direct competitors - but are also seeing your brand being damaged, with a lack of trust being seen by users. In many cases, ensuring you have a valid SSL assigned, configured and active on your website, is essential to staying competitive.
- Since rolling out the update, Google has reiterated that not having an SSL in place may affect the websites positioning within the search results pages, therefore causing further harm with your online performance and marketing efforts.
- Do I Have an SSL on my Website?
- If you are a Chrome user, simply load up your website and take a look at your address bar. If you see a green padlock and the 'Secure' mark, like in the image below, then you have an active SSL in place and correctly configured.
- If you use any other browser, simply load your website by typing the URL into the address bar. From here you need to look at the start of the address, if it reads ‘https://', you have an SSL in place. If it does not have the ‘s’ after the ‘http’, then we would recommend looking at implementing one to your site, as soon as possible. Note: the website being served from 'https' does not guarantee that the site has been fully secured and a site audit should be sought, in all cases, for full confirmation.
- How to Secure Your Site
- There are multiple routes in obtaining a valid SSL certificate for your website. Some providers offer a free service whereas others can cost up to a few hundred pounds to fully secure multiple domains. Depending on your host, you may already have SSL available, so it would be advisable to check with your provider before undertaking any course of action to secure the site further.
- Additionally, you will need to determine what type of SSL certificate you require. This depends on a number of varying factors including the full structure of the site and the usage of it. Again, your hosting provider will be best placed to advise of the needs, on a case-by-case basis.
- Additional Security
- With over 62 million UK internet users as of June 2017, ensuring your website is secure - and that your users are having a positive and assured experience whilst visiting your site - is essential. With that in mind, you should always ensure that any plug-ins, extensions or apps that your website utilises are kept fully up-to-date; with these updates often taking placed as a result of developers discovering vulnerabilities.
- A simple password manager can be an effective tool at keeping your data safe, at a very top-level. Higher still, making sure you follow password creating best-practice - choosing a password that contains a selection of available characters, upper and lowercase letters, numbers, and special characters - will provide further assurance.
By complying with these basic standards, you will help protect your users as well as your own online business; allowing users to feel safe when using your site. A user who feels safe is more likely to come back to your website, allowing for a greater opportunity of engagement and conversion.
Cyber security is a complex issue with, potentially, enormous and costly consequences, if not addressed fully. If you have any questions - or require any guidance with anything related to online security - don't hesitate to get in touch and one of our experts will be happy to assist and discuss further.