In the past, having an SSL certificate (commonly abbreviated to just ‘SSL’) on a website was only mandatory if you were collecting very confidential data such as credit card details. Over the years SSLs have been recommended more and now it is recommended for all websites. This blog post explains what an SSL is, how to check if your website has one, how it relates to GDPR, what happens if you don’t have one and suggested next steps.
What Is an SSL Certificate and What Does It Do?
An SSL certificate ensures data between your computer and the website is encrypted. This ensures data is safe and has not been modified between leaving your computer and arriving at the website server.
You will know it is active as the URL of the website will have ‘https://’ at the start and you will see the ‘Padlock’ symbol in your browser address bar.
How Do I Know If My Website Has an SSL?
To check if your website has an SSL in place, try visiting it with https:// at the start. E.g. Instead of http://www.f2b.co.uk, go to https://www.f2b.co.uk. If your website loads correctly and shows the padlock item, then it has an SSL certificate in place. However, if the page does not load or it comes up with any privacy/security error it is likely that it does not have a properly configured SSL certificate in place.
Will an SSL Help with GDPR Compliance?
Yes. As per our GDPR blog post, one of the GDPR requirements is to ensure that data is adequately protected. Having an SSL certificate in place is one important step to show that you have appropriately considered data protection.
What Happens If I Don’t Have One?
Today, many web browsers already show a ‘Not Secure’ warning on login and form pages which are not utilising an SSL certificate. As of July 2018, this will get stricter and the Google Chrome browser will mark all ‘HTTP’ pages as ‘Not Secure’. These notices are quite prominent – the resulting effect is that many visitors may well decide to leave your website.
Aside from the browser warnings, many informed people already look for the padlock symbol. If they don’t see this, they are unlikely to proceed with filling in forms or buying services/products from your website as they feel the site is not secure.
In addition, another problem with not having an SSL certificate in place is that Google (and other search engines) will lower your search engine ranking. So you are likely to attract less visitors via SEO than competitors who do have an SSL in place.
If you don’t have an SSL certificate in place, now really is the ideal time to do it. The good news is that it is a quick process and the cost to get one implemented is fairly low. For many businesses, the cost of adding an SSL certificate will instantly be recuperated from just one or two missed orders or enquiries from people who would have left the website.
F2B Digital offer website design, development and hosting services (with SSL certificates of course!). If you’re not happy with your current provider or would like to discuss anything further, please do contact us.