what_is_an_ssl_certificate_do_you_need_one

What Is An SSL Certificate & Does Your Website Really Need One?

Carl Taylor | August 1, 2017

Have you ever heard someone (more technical than yourself) mention an “encrypted” or “unencrypted” website and wondered what they meant?

Or maybe you’ve noticed that some URLs start with “http://” while others start with “https://” and you’re not sure why?

SSL certificates are the answer to both questions, and because they can help you earn the trust of your customers (and Google!), they are being used more frequently today than ever before. Here’s how to decide if you should use an SSL certificate on your website and, if so, how to choose the best one.

What Exactly Is An SSL Certificate?

SSL, which stands for Secure Sockets Layer, is a data security tool that was designed to keep communication over the internet safe. An SSL certificate creates a secure connection between a web browser and a site’s server. Data that is sent via an SSL connection is encrypted, meaning the data is scrambled to prevent theft and tampering.

SSLs ensure website visitors that they are on the correct site before providing any sensitive information. They also protect that sensitive information, like social security numbers, credit card information, and passwords, so hackers cannot access it.

You can tell if a website is using SSL based on the URL: a website with “https://” is using a secure SSL connection, while a URL with “http://”, or a lack of letters before the site name, is a website that is not secure or encrypted (notice the difference is simply the “s”).

facebook_ssl_certificate

cnn_without_ssl_certificate

Should I Consider An SSL For My Website?

In the past, SSL’s were used primarily for e-commerce. If you are collecting someone’s credit card information online you are required to use an SSL secured page to avoid their information being stolen by clever hackers.

However, SSL certificates are now recommended for many website owners, even if they aren’t selling anything online.

Websites with an SSL are more secure site for your visitors, like we discussed above. However, they are also more secure for you, the website owner. If you don’t have an SSL certificate and your site is hacked, you could be liable for not protecting your visitor’s sensitive information.

WANT A SNEAK PEEK AT WHAT AUTOMATION AGENCY CAN DO FOR YOUR BUSINESS? DOWNLOAD OUR 35 TASKS PDF!
Also, many large companies, including Google, are pushing for regular websites (non e-commerce, government sites, etc.) to switch to using SSL secured sites. Google is even giving higher search rankings to sites that are secured than those that are not secured, all other factors being equal.

However, you must understand that using an SSL certificate does make a small but noticeable impact on your website: it slows down the loading time of the site due to the encryption process.

How Do I Get An SSL Certificate?

SSL Certificates are issued by a Certificate Issuer. Many websites offer certificates and different prices, so you are able to shop around for them. In the past, Certificate Issuers charged a lot of money for an SSL certificate. However, inexpensive – and even free – options like LetsEnrcypt have been released in more recent times.

But before you make purchase, it’s important to understand the different types of SSLs.

Domain Validated (DV)

Domain Validated certificates are the easiest to obtain as they simply validate that you own the domain you are wanting to secure. They offer the industry standard of encryption, but not much else.

There are two types of Domain Validated certificates:

1. Purchased from a Certificate Issuer
2. Generated for free from LetsEncrypt

The main difference between the two is the warranty: a purchased SSL certificate usually includes a warranty of $10,000+, meaning if something were to happen you are insured or protected up to $10,000 by the Certificate Issuer.

A free certificate from LetsEncrypt does the same job, but you aren’t protected by any warranty.

Extended Validated (EV)

Extended Validated certificates are considered the most hacker-proof certificates in the industry, and therefore, are the most trusted.

EV certificates are also the hardest type of certificate to get, requiring proof of company’s legal existence, operation history and physical address must be confirmed. This process usually takes between 3-5 business days.

These certificates are the only type of certificates that will turn your browser’s address bar green displaying your business name clearly in the address bar to indicate that the site is secure.

chase_bank_ssl_

EV certificates are only available through a certificate issuer that is paid, and they typically have much higher warranty amounts depending on the certificate issuer.

While some businesses may feel that $200+ a year for a certificate is expensive, the extra trust can lead to an increase in sales that more than covers the cost. And the security that an EV can bring to your business with the warranty insurance can be well worth the extra cost each year.

Organization Validated (OV)

Organization Validated SSL certificates are the mid-level option. While they don’t turn your address bar green, they do activate a number of browser trust indicators. When a customer clicks on the Secure Site Seal, they’re able to see vetted company information and visibility in who is behind the site.

OV certificates validate that your company is legitimate and recognized by a government entity, just like the name suggests. These certificates are typically issued within 1-3 business days, less time than EV certificates, but not as quick of a turnaround as DV certificates.

An OV certificate is a great option if a DV certificate doesn’t offer the safety features you’re looking for, but an EV certificates is too expensive or too difficult to obtain.

WANT A SNEAK PEEK AT WHAT AUTOMATION AGENCY CAN DO FOR YOUR BUSINESS? DOWNLOAD OUR 35 TASKS PDF!

Which SSL Should I Choose?

Ultimately any SSL is better than no SSL.

If you’re just wanting an SSL for SEO purposes and not because you are accepting payments or secure information on your site, a free SSL from Let’sEncrypt can be a great solution.

You can also use a free Let’sEncrypt SSL certificate on an e-commerce site, it’s a 100% valid option and will protect your customers.

However, if spending a bit of money each year to have warranty protection is important to your business, consider purchasing a paid Domain Validation, Organization Validation, or Extended Validation SSL from a provider such as ssls.com.

Remember, if you want to have the most trusted certificate then highly consider an Extended Validation Certificate (these take the longest time to be generated as they manually check the information you provide to ensure it’s valid, but they are also the most hacker-proof.)

Keep in mind that depending on your hosting company you may have to pay extra to install an SSL certificate on your website. We always recommend checking with your host before choosing an SSL option.

Need Help Installing an SSL?

Finally, if you need help installing an SSL on your website, Automation Agency members can simply submit a task and we can help you out. If you aren’t a member, take a look at our concierge service plans and consider if they are right for your business, or reach out for a chat with one of our friendly team members.

About the author 

Carl Taylor

Carl Taylor is the Founder & CEO of Automation Agency. For the past 10 years Carl has been building businesses and marketing them online through the use of Sales Funnels, Email Marketing Automation, Landing Pages, and Wordpress Websites. Carl is also a #1 author and highly sought after speaker and consultant whose work has impacted thousands of businesses across various industries worldwide.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}