The SSL (Secure Sockets Layer) Certificate is used to encrypt data between a website visitor’s browser and the web server hosting it. All of the data which is passed between visitor and server is encrypted and protected by the SSL certificate meaning that the connection has a level of security which is becoming more and more vital for businesses in the modern world.
As data protection has become a legal requirement worldwide, by not protecting your customers, you open yourself up to being liable if someone acquires your customer’s data from you.
As a user, if you enter your information on a website that is secure, your information is protected and encrypted, if you enter the information on an insecure website that doesn’t have that kind of protection, that information can be taken and used by hackers who may abuse banking information and other details, such as home address, phone number and much more.
As a user of the web you always want to make sure your information is safe and protected and as a business owner you would want to protect your customer’s information, because failing to do so can result in fully justifiable legal action on the part of people who trust you with their information.
So, how do I know if a website is secure?
If you look up to the URL bar on this website in your browser, you will see a padlock that is closed. This is a sign that the site is protected by an SSL or TLS certificate, meaning that if you enter any information onto this website, the data will be secure. At SECT.News, we don’t ask our users for their information, as there is no reason for us to acquire it.
If you are looking at a link online such as this: https://sect.news/ you can also see if the link is secure by looking for the letters. Our site here uses https:// rather than http://. Rather than clicking on links like this, you should copy and paste them into your browser, as some links marked with https:// are hyperlinked to go to an insecure location. Whilst this is very rare, you should always prioritise your security.
There are several browsers that will warn you if you are about to enter an insecure website, but older browsers, or browsers that have not been updated to their most recent settings may have trouble noticing dodgy websites. This can be problematic for people who don’t know to look for the padlock or are unaware of the necessity of cybersecurity.
Once you are on a website you will be able to see whether the site is encrypted by the little padlock next to the URL. Some websites will have a circle with an “i” in it. This when clicked on will tell you that the connection may not be secure. If you are on an insecure website, we recommend avoiding entering any information or downloading anything.Close the tab in your browser and keep your information safe.
A little information on Data Protection
In regards to most of the Data Protection laws such as GDPR here in the UK/EU, SSL certificates are now a requirement for businesses, though not strictly stated within the law, and ensuring that they are in place is regarded as good practice in keeping your site’s data safe.
It is important to note that on May 25th, GDPR, the General Data Protection Regulation came into effect in the EU. According to this law, if you run a company or wish to do business within Europe with European citizens, you need to follow the rules set out in GDPR even if your company is not based within the EU itself.
GDPR does not mention SSL certificates, however according to the rules that have been set out: Appropriate technical and organisational measures need to be taken by companies to protect their clients information. Due to the encryption provided by an SSL certificate, you are providing one of the only ways of ensuring your customers are protected when using your website.
I need to get an SSL certificate!
If you are a user simply browsing the internet, then you do not need an SSL certificate – it is up to the owners of websites to provide these for you and ensure your business is secure. You should always ensure that the websites you go on are protected with a padlock using the aforementioned advice. If you are a website owner looking to secure your website, we recommend going with Namecheap.
Namecheap is a domain registrar accredited by ICANN. They were founded over 20 years ago in 2000, and have a long and solid history of providing excellent services for many customers over the years. Namecheap can provide a multitude of services including domain names, hosting and varying levels of SSL certificate encryption, ensuring the security of any website that you own.
Looking At SSL Options…
Namecheap offers a variety of different options when it comes to SSL certificates. In order to have a better understanding of the certificates on offer you can check them out by following this link.
The type of SSL you will want for your website will depend on a number of different factors, as every business gathers different information from their customers. Some take simple details, like phone numbers, emails and the customer’s names. Some websites take financial details.
Namecheap’s PositiveSSL is the cheapest certificate they provide, and it works well for small websites, blogs, personal pages etc. It provides a solid level of encryption. The PositiveSSL will work for most websites, however if you are running a business website taking financial details or providing e-commerce services, then you will want to look into some of the more expensive options that will provide a higher level of warranty.
If you have subdomains on your website, you might want to consider a wildcard certificate, as these will help protect your subdomains as well, as if you do not go with one, they may not be properly protected, or you may need multiple SSL certificates to cover each subdomain. A subdomain looks like this https://docs.google.com/.
Some companies have a large number of websites that they own, for example, drop shipping companies. Owners of these companies would definitely want to consider a multi-domain SSL which will allow them to secure up to 100 domains under one certificate. Namecheap have been known to provide a couple of free domains with this option, which makes it a great choice for any entrepreneur who has a multitude of websites.
All of the SSL certificates they provide come in one of three classifications, DV, OV and EV.
DV OV EV?
DV or Domain Validation is the easiest to afford option and is generally used for smaller sites and sites that are undergoing testing. DV SSL certificates tend to be issued extremely quickly and provide basic coverage for a variety of small websites. Whilst extremely affordable, they are not recommended for business websites.
OV or Organization Validation are the usual go to for websites that handle business, financial and other confidential information and transactions. OV certificates usually take a little time to issue, and can be up and running as quickly as a day from when they are ordered. These certificates tend to come with a higher level of warranty in the rare chance a data breach occurs.
EV or Extended Validation certificates provide exceptional levels of encryption and warranty. These are used when you want to ensure your customer’s information will be safe, and they come with the highest levels of warranty should a breach occur.
So What Do We Recommend?
We always recommend taking data protection seriously. It is much better to be safe than sorry. If you don’t handle information transfer in the form of financial transactions and you don’t store customer details online, you can get away with using a DV certificate most of the time.
If you are serious about protecting customer details and information, you definitely want to use an OV or an EV certificate depending on the level of security and warranty you want to have, should a breach occur. Extended Value certificates are the best to use if you wish to keep your customer’s information safe and secure in this case. Should you have subdomains, these can prove troublesome in the event of a breach, and they should be protected by a Wildcard certificate, and finally for multi domain options, all of Namecheap’s options are good, but for sites that are processing payment information themselves, it’s best to go with the EV option.
We hope this has been useful in helping to protect your business!