SSL (Secure Sockets Layer) is an internet protocol designed to secure transactions on the web and other apps. Here I will attempt to explain what it is, and why you need it on your website.
I previously talked about keeping your passwords safe, now I’m talking about keeping your information safe.
What is SSL?
SSL is a standard security protocol for for creating an encrypted connection between a server and a client Typically a website and a browser, a mail server and a mail client (such as Outlook), or a phone app like Gmail or your banking app.
Actually, TLS (Transport Layer Security) has replaced SSL as of 1999, but the term “SSL” or “SSL/TLS” is still commonly used to describe the technology.
What Does SSL Do?
When SSL is enabled, any communication between the client (web browser) and server (website) is encrypted, meaning that even though it is fairly easy to intercept the communication, especially on Wi-Fi, all the interceptor will get is encrypted data, nearly impossible to crack. this also applies to most phone applications that involve sensitive data or financial transactions.
This means that when you’re reading your email, checking out your bank account, or paying for something online or with your phone (Google Pay, Apple Pay, PayPal, Venmo, etc.), with SSL enabled you can feel good that the transaction is safe.
Why do I need SSL?
If you have an online store, your customers can rest assured that when they put in their credit card, It won’t be stolen in route. Plus other information like names, addresses, phone numbers, etc. are safe too.
But All I Have Is My Company Website, Why Do I Need SSL?
Most of the web browsers today are warning people that the site they are attempting to go to is “unsafe” You have probably seen warnings like this:
Is that what you want your visitors to see?
How Do I Tell If A Site Has SSL?
1. Modern web browsers display a lock icon beside the address when the site is secure.
2. The website address begins with “HTTPS” instead of “HTTP” (the “S” stands for secure). Viewing the entire address is usually turned off by default in most browsers, but can be turned on.
So Either The Lock Or HTTPS Means The Site Is Secure, Right?
Au contraire mon frère. SSL means the communication between you and whatever you’re communicating with is encrypted (secure). That does not mean when said information gets to where it’s going that it cannot be compromised.
If the website is “russianhackers.com”, I wouldn’t advise giving them your credit card number, even if it does have a lock beside the name.
SSL can also certify that the site you’re on is actually the site you want to be on. This depends on the type of SSL certificate issued. Clicking on the lock icon, then the “connection is secure” link will give you more information.
For example, clicking the link next to our site confirms that the connection is secure.
But checking out a more sensitive site, such as Chase Bank will show you that the certificate was actually confirmed that it was issued to Chase, and installed on their site.
We’re not taking your credit card information on our site, so we don’t need that type of certificate, but Chase is a different matter. When you go to your bank, you want to make sure that it’s actually your bank.
How Do I Get An SSL Certificate?
An SSL certificate has to be installed on your web server. Some hosting companies do this automatically and at no extra charge, but with others you have to pay extra for it.
At South Metro Web Designs, any site we host has free SSL included with the hosting package.
If you really want to know more about SSL/TLS, sit next to a fire, put your feet up, and read this article from Wikipedia.
Come back later for more on privacy.