In January of 2017, Google’s Chrome browser began adding “Not Secure” to the address bar of HTTP webpages that collect passwords or credit card information. The reason for this is to alert users that the site does not have an SSL certificate (also known as Secure Sockets Layer) and their sensitive data could potentially be stolen by malicious/criminal hackers.
Why are SSL certificates important and how do they help secure a website? First, the SSL certificate is installed on your website’s server and basically binds your domain name/server/hostname, company name and location. This binding process proves ownership of the domain and authenticates that the website/company is in fact who they claim to be.
As of October this year, websites with any kind of text input will require an SSL certificate to avoid the “Not Secure” warning in the address bar. If you are a website owner or administrator and already have an SSL certificate for your domain/website, no further action for this is required on your part. On the other hand, if you do not have an SSL certificate for your site, now is the time to act.
Next, the SSL certificate provides a layer of security that encrypts the data passed to and from the website and webserver. HTTPS and SSL can prevent “man in the middle” attacks, which occur when hackers intercept data as it is passed from the user’s browser to another server. If a hacker would intercept passing data that is connected through HTTPS, the data would be completely undecipherable.
Websites that use an SSL will often display a green lock in the address bar along with the word “Secure.” These visual cues help provide website visitors with a sense of safety that their data is not at risk. For any online business, having an SSL certificate for your website will help visitors gain trust that their data is not being compromised. Websites that still use HTTP vs. HTTPS may see a decrease in traffic on their sites.
Adding an SSL certificate to a website can be a very easy task. Many web hosting companies offer a free SSL certificate with the purchase of a hosting plan. If you have a web hosting plan, you should contact your provider for more information and for specific requirements. There can be an additional cost for an SSL, but it is worth the investment to protect your website and the site user’s data.
