Is your website secure? Should you care?

Google’s Chrome will soon mark your site as “unsafe” if you don’t have a security certificate.

What is a security certificate?

Security Certificates (SSL) are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.

What does SSL mean?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

How can I tell I have one?

Your website will have an https vs a http at the beginning of the URL in the title/location bar (see image). It will also display as “secure” with a padlock (or similar) in the location/title bar if it is secure.

How much does it cost to have one?

SSL certificate costs vary depending upon the type you get. The average cost to purchase an SSL and have installed is probably in the $150 range per year. It must be renewed annually. However, some servers already have a shared certificate installed and your web host only needs to give you access to it. It may not cost anything to use their’s.

So, all I have to do is ask for it to be flipped on and it’s done?

You will also need to convert your website images, links, and core files to https so it will display the site as secure.

Do I need a security certificate?

Generally, if you are collecting sensitive information on your website (credit cards, social security, etc.) you should have a purchased security certificate.

What’s the difference between a purchased security certificate and the free one that my host may provide?

A paid certificate and a free certificate have the same level of encryption. A paid certificate comes signed by a trustworthy certificate authority, support and various tiers of insurance/warranties.

When will this go into effect?

Beginning in October 2017, Chrome will start showing security warnings on non-secure sites.

Will my site go down if I don’t do this?

Nope.

Will my site go down while it is being switched from un-secure to secure?

Nope again.

How will this affect my business?

It’s very possible that your clients would see a security warning and leave your site.

Google has also announced it will give ranking preference to websites that are secure.

An example of a warning from Internet Explorer

So, Google made my website insecure? 

No. Your site isn’t any more or less secure than it was before. It’s just that Google is going to start displaying it more prominently in their Chrome browser. Other browsers (Firefox, Internet Explorer, Safari, etc.) may not display it as prominently, but it will still be marked insecure.

What if I don’t use Chrome? What if I use another browser?

It doesn’t matter what browser you are using. It matters what browsers your clients are using. All other browsers (Firefox, Internet Explorer, Safari, etc.) also are displaying security issues. Some browsers have settings to give a warning before you go to an insecure site.

Can you make my site secure?

I can if you are hosting with me. And the good news is you can use my shared certificate. Give me a call at 904-389-9031 or shoot me an email to discuss. If you aren’t hosting with me, you can call your host and talk to them. Or talk to me about moving your hosting to my servers.

Posted in

Lena Shore

Archives