When it comes to securing data, businesses rely on firewalls,
secure web gateways, antivirus software, automatic backups, privileged access
management tools, and so on. All of these are important, and in some sectors like
healthcare they’re required as part of a robust and compliant data governance
However, there is another piece of the information security puzzle
that every business should have, but many still don’t — and the consequences of
this omission could be severe; especially in light of big changes at Google
(which we’ll get to in a moment). First, let’s shine the spotlight on what this
is all about: an SSL (secure) certificate.
What is an SSL Certificate?
In the offline world, a certificate is usually a piece of
paper acknowledging an accomplishment, deed, anniversary, and so on. But in the
online world, a secure certificate is captured by a single letter that appears
in a web browser’s address bar: “s”.
That “s” — which either appears or doesn’t appear at the end
of “http” and before a specific website — certifies that the website is
HyperText Transfer Protocol Secure, or HTTPS for short. For example, if you
glance up (and if your browser is set to display the address bar), then you’ll
see that the Noble Webworks website is HTTPS certified.
Websites with a secure certificate use technology to encrypt
data that is submitted by visitors, such as when they subscribe to a newsletter,
download an ebook, make a purchase, register for a webinar, log into a forum, launch
a chat, and so on. Essentially, this certificate tells visitors that the
website owner is legitimate and safe to communicate with.
What if There is No SSL
It’s important to point out that websites that don’t
currently have an SSL certificate (e.g. http instead of https) aren’t
necessarily fraudulent. As noted above, many businesses — including those with
robust data security in other areas — don’t yet have a secure certificate. This
is especially likely among small businesses that created their website years
ago, or had their website created for them.
If Your Business Has
a Secure Certificate…
Good! Encrypting visitor-supplied data has been a best
practice for several years, and you (or your web developer) are on the right
If Your Business
Doesn’t Have a Secure Certificate…
You need one ASAP! There are four key reasons
for this: visitor confidence, firewalls, Chrome warning, and SEO.
- Visitor confidence: a growing number of people
are steering clear of websites that don’t have an SSL certificate. Or at the
very least, they visit these websites, but they won’t submit information. For
example, they’ll browse products/services on website that doesn’t have a secure
certificate, but they’ll make their purchase on a website that has a secure
- Firewalls: many corporate firewalls are set to
restrict access to websites without a secure certificate. Or if they don’t
outright forbid access, they launch a scary warning screen that dissuades most
people from moving ahead (in some cases, potential visitors may think that the
website has been hacked).
- Chrome warning: As of July 2018, Google’s Chrome
web browser (version 68) is labeling all websites without a secure certificate
as “Not Secure.” In the past, visitors were only told that a website (with a
secure certificate) was secure.
- to boost the ranking of
websites with a secure certificate. Or, if one prefers the pessimistic glass
half-empty version: Google is penalizing websites without a secure certificate.
We Can Help
If you don’t have a secure certificate, then don’t panic:
getting one is easier, faster and less expensive than you think. Contact us
today, and we’ll tell you what needs to happen to go from insecure to secure
(website-speaking, that is!). Your consultation with us is free.