Google and others are pushing their vision of a ‘secure web’. This ‘secure web’ is one where every bit of information your computer sends across the net is encrypted using ssl certificates
The Google Boost
As an incentive for website owners to implement this Google has made security a part of their search engine ranking algorithm. Basically if you secure your website you’ll get a Google boost. It’s not clear how big a boost, but it is there for the taking!
What is a secure website?
So, what is a secure website and how do you secure yours?
If you look at the address bar in your browser (up at the top where it should say get.uk.com) you should see a padlock icon. It should show the lock closed and maybe in green. This shows that this site is secure. If you click the icon you’ll get some info about my site’s security certificate.
This means that when you fill in any forms on this site (have a go at signing up for the newsletter!!) and click the send button, your details will get scrambled (encrypted) before your computer sends them over the net to my server. If anyone intercepts your message it will be unreadable.
Mostly this security is used when you’re buying on the Internet to ensure your card details can’t been stolen. I’d always advise you check the padlock before you enter any card or account details on any site!
From a website visitor view the only difference is the padlock. Everything else works the same as a non secure site.
From a website owner view you need to set your site up in a different way to achieve this.
SSL Digital Certificates
Digital certificates are the key to the secure web. An SSL certificate is a block of code that’s used to encrypt your messages. You have to buy them from authorised sellers who’ll verify who you are before issuing them. Each certificate is issued to a specific website and has to be installed on your web server to work. Mostly your website hosting supplier will do all this for you.
Once your server has a certificate installed there’s a small amount of modification needed to your website and then you should be ready to go.
Different Types of Certificate
There are quite a few choices of SSL certificate. You’ll find prices ranging from under £10 to a few hundred pounds. So what’s the difference? Do the cheaper ones work?
The first thing to get your head around is that all the certificates are fully secure. They all use the same basic encryption system and there’s no real difference in the level of security they offer.
So why pay £200 as opposed to £10?
What you’re paying for is the level of trust the certificate implies.
The cheaper certificates are called ‘domain verified’. You simply have to show that you control the domain name to get hold of the certificate. My site uses a domain verified SSL certificate. It makes my site secure and gets me the Google boost but doesn’t validate my company.
If I was selling online I’d need people to trust that I was a real business. An ‘organisation verified SSL certificate’ would achieve this. Here the issuing company will do a check into your company to make sure you really exist. Once they’re happy with your business they’ll issue the certificate and usually include some level of insurance in case there are any problems caused by the certificate. You’ll also get some sort of badge for your site that when clicked shows that your company has been validated.
The top level of SSL certificates are the ‘enhanced verification certificates’. To get one of these you’ll be subjected to a 5 day intensive interrogation process at a secret headquarters built into the side of a mountain high in the Alps. Only joking, but you get the idea – they’ll really do some digging into your background. Once you get an EV SSL certificate you’ll be rewarded with the full blown green, company branded address bar padlock. Have a look at Amazon, Microsoft, etc to see what I mean.
Should You Secure Your Site
A year or so ago I wrote on this topic and advised waiting to see what happened. Now I have to advise YES, you do need to secure your site.
Google and all the search engines are moving this way and it’s only going to become more and more important. Not because it will make sites such as mine any better, just that you visitors will start to see warnings when they’re not on a secure site. Having a message pop up that says,
“Be careful – this site isn’t secure and your life might be hijacked!”
Will likely make people wary.
These messages aren’t yet popping up but the browser manufacturers have said it’s on the cards.
What to do?
Unless you’re hosting your own site you’ll need to talk to your hosting company or website designer. They’ll know how to set this up for you.