Why your website should be using HTTPS

Why your website should be using HTTPS

Data breaches and hacks have regularly made headline news in recent years. This means online security is very much in the forefront of people’s minds. When somebody visits a website it is now imperative that they need to feel safe in doing so, and they need assurances that their data will not be compromised. Using HTTPS with an SSL certificate on your website is a great way to help do this.

What is an SSL certificate and HTTPS?

An SSL (Secure Sockets Layer) certificate is used to certify that a website encrypts the data that is used on that website. Any data that is input into the website by a user is normally sent to and from a web server. Having an SSL certificate ensures that these transmissions to and from the server are secure. Therefore if the website is attacked or targeted by a hacker, any data that is potentially leaked would be useless to the hacker.

A website address bar showing the HTTPS protocol at the start of the website address
An SSL certificate changes the ‘http://’ protocol to ‘https://’

Why should your website have an SSL certificate?

Having an SSL certificate on your website adds a crucial layer of security to all activity on your website. HTTPS will also:

  • Build trust in your brand

    Having an SSL on your website changes the ‘http://’ protocol at the start of your website address to ‘https://’. This is instantly seen by the users of the website who then know it is safe and secure, and shows that you as the website owner is conscious and are mindful of web security.
  • Encourage usage of your website

    This is especially true for e-commerce websites when personal data and credit card data are likely to be used. Using HTTPS will make potential customers feel much more comfortable when inputting their personal data into your website.
  • Make sure you stay legal

    Safe guarding your customers’ data is essential. By not taking reasonable steps to keep this data safe it is possible that you could be found liable for damages should that data get leaked. If you are an e-commerce website then you need to be PCI DSS compliant. PCI DSS is the worldwide Payment Card Industry Data Security Standard that helps businesses process card payments securely and reduce card fraud. You can read more on this here.
  • Improve you SEO ranking

    Over the last few years Google has strongly advocated for “HTTPS everywhere”, with HTTPS being confirmed as a ranking factor since 2014. Therefore by switching to HTTPS you will likely get a small boost in your Google search engine results page ranking.
Example of an HTTP website showing a "Not secure" message.
As of July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

How to get an SSL certificate

A certificate authority

SSL certificates are administered by certificate authorities (CAs) such as GeoTrust or GlobalSign. You can buy certificates directly from these CAs however please bear in mind that there will be an element of technical knowledge required to install and activate the certificate on your website once you have bought it.

Let’s Encrypt

Let’s Encrypt is a free open CA run by the Internet Security Research Group (ISRG). The cost is free however there is more technical know-how required to get it set up. Also Let’s Encrypt certificates are only valid for 90 days (commercial certificates generally expire after two years).

Through your hosting provider

Most web hosting providers sell SSL certificates. They will either install it on your website for you or provide you with instructions on how to buy, activate and install the certificate yourself.

All of the options above would end up with the same outcome; a more secure website which will boost confidence in your brand, encourage usage of your website and give your Google ranking a small boost.

If you would like to discuss this article or have any other queries regarding SSL certificates or securing your website using HTTPS, please feel free to contact me or leave a comment below.