Why you need SSL for your website security & SEO
In 2017 ransomware is running riot
Internet security is a huge problem. In May WannaCry ransomware demonstrated in dramatic style how vulnerable many systems are when it infected and froze many public utility and large corporation networks including the NHS. Other major data breaches this year have included Deliotte and Equifax (130 million accounts) and 3 years ago Yahoo with 3 billion accounts hacked. Greater use of SSL will improve security along with other measures.
Small websites are as vulnerable as large
It’s important to understand that small websites are a target as much as bigger ones. Easy-to-use hacking tools automate the task of attacking any website. Potential vulnerabilities are identified and then tested. In this way smaller websites attract hackers attention as much as larger ones. It’s opportunistic, not targeted. It’s about making money which could be through SEO spam campaigns, malware payloads, or even system resource theft.
Get a boost in search rankings
Google’s ranking algorithm now boosts websites if they use SSL. They have indicated that they may increase this over time.
The Google search boost for using SSL applies to all sites. Even if your site doesn’t have a checkout page, login pages, or any financial or sensitive personal information, you will still get SEO benefits by installing an SSL Certificate on your site.
Avoid negative browser labelling
A further incentive from Google is happening from 27 October. A new version of Google Chrome will prominently label any site without an SSL Certificate as “not-secure” in the browser bar.
SSL Security Technology
So, what is SSL?
Secure Socket Layer (SSL) is a technology that provides authentication and data encryption between a website and a user’s computer, tablet or phone.
And what is TLS?
Transport Layer Security (TLS) is the successor to SSL. The terms TLS and SSL are used interchangeably and essentially mean the same thing.
Why use SSL?
SSL encryption is used to encrypt sensitive personal information, like credit card details at the checkout of an online store. In the event of cybercriminals intercepting those details, they will be unable to read or use that information. The UK Data Protection Act 1998 requires that organisations must protect personal information, so using SSL encryption is an important tool for meeting this requirement.
Is SSL really secure?
SSL is only part of the solution. SSL only secures the connection between your clients and your web server. It does not provide any security for the data stored on the server. You still need to use server-side encryption if you want to protect the data from breaches to the server itself.
What is HTTPS?
HyperText Transfer Protocol Secure (HTTPS), or “HTTP Secure,” is a combination of the HyperText Transfer Protocol (HTTP) with the SSL/TLS. HTTPS is used to provide encrypted communication with and secure identification of a Web server.
Websites with HTTPS use https:// in the browser window and the browser will confirm with a green padlock symbol –
Further sources of information
Data breaches –
Wikipedia list of data breaches https://en.wikipedia.org/wiki/List_of_data_breaches
Wired list of data breaches https://www.wired.com/story/2017-biggest-hacks-so-far/
Why websites get hacked https://blog.sucuri.net/2015/02/why-websites-get-hacked.html
UK Data Protection Act 1998 https://www.gov.uk/data-protection
Transport Layer Security https://en.wikipedia.org/wiki/Transport_Layer_Security
Google’s Webmaster Blog https://webmasters.googleblog.com/