Does Every Website Need an SSL Certificate?

Secure Certificates or SSLs are the main topics of conversation since Google made the announcement in August of 2014, that they would be using SSLs as a ranking factor for websites. Web owners scrambled to get their websites secure to stay ahead of the curve. Since this update, we have been monitoring how this has impacted small businesses. Have no idea if this even applies to you? Let's cover the basics. Without an SSL, thieves could be making off with valuable information.

What is an SSL Certificate

An SSL (secure sockets layer) is a certificate that sits on the hosting account with the files of the website. It encrypts information keeping it secure on the hosting account. You may have noticed the little lock on the web browser when you have paid for an item online or logged in to a website, this means they have an SSL certificate loaded on the page to encrypt your information. SSL certificates are available from different companies; VeriSign, GeoTrust is a few well-known ones. An SSL certificate will vary in price depending on the coverage needed. Think of it like insurance, the level of coverage is dependent on the information you need to protect.

How Secure Does a Website Need To Be?

• Ecommerce websites that take credit cards, even if the card is processed by the payment processor. Customer information is being stored on the website.
• Lead generation websites that store the leads on the website,  should have an SSL certificate to protect that information.
• If your website allows subscribers to sign-up for a newsletter or class, and their information is stored on the website, it needs an SSL certificate.
• Wholesale customers where the list is stored on the website, should have an SSL certificate.
• Websites that have a login, since you are protecting data behind that login, it should have an SSL.

Picking up on a pattern here? If Google thinks information is stored on the website, get an SSL certificate on it.

The Reality of the SSL Requirement

• The ranking boost is URL specific, not sitewide.
• HTTPS is currently a very lightweight signal that only affects less than 1% of global queries.
• This includes ALL types of sites regardless if you have a shopping cart or not.
• The ranking boost is NOT what makes this change so important. It's the browser warnings that Google displays to people trying to visit your site that will kill your traffic first!

Additional Considerations

• Securing transactions
• Gain trust from consumers
• Higher Google Rankings
• Compliance
• Privacy

It has become standard to secure a website when it is being built or redesigned but there are considerations you must take prior to making the change.

Changing from a non-SSL to an SSL

Let's not make this hard. Basically right now all of the links pointing to your website look like https://www.domain.com and we want to change these to https://www.domain.com. Realistically, it would be impossible to contact every website that has a link to your website to get them to change it. Here are a few steps that would need to happen.

• Create a redirect so when people click the HTTP link they are redirected to the https link. This is done by a web professional through the htaccess file that sits on your server. This is a technical step.
• All links that are on the website will need to be secure or fixed so they appear secure. Yep, another technical step. Links on your website may be linking from Google Fonts, Facebook, etc.
• Test the secure connection to make sure it is done correctly.

Have a question about SSL certificates or if it is right for your website? Comment below or contact us, we will be glad to help.