Are SSL certificates needed on all sites?

The internet is a wonderful place to do business because of how easy it is for your customers to find you online. The problem is, they are not the only ones taking an interest in your online activities, business or otherwise.

There are criminal elements that want your data to make money, putting your business and finances at risk. They are able to do this by intercepting communications between your website and your customers, committing what’s known as a man-in-the-middle attack.

These attacks have become ever more common in recent years, leading to an explosive rise in cybercrime. So, how much growth are we talking about? The Statistics company Statista reveals that 2018 saw a massive increase in data breaches. Breaches rose from 1,093 in 2017 to 1,579 in 2018; that’s an alarming 44% increase in only one year!

The stats are likely to be even higher for 2019, as the trend continues to grow. It can be scary, especially if you are not sure how to protect your business or your clients from malicious hackers on the internet.

Fortunately, there is a solution that is both easy to implement and works: SSL encryption.

SSL, or Secure Socket Layer, is an encryption protocol that takes the session information between clients and servers and makes it indecipherable to anybody else who may be trying to eavesdrop or intercept it. This makes it impossible for external parties to read any meaningful information from intercepted traffic, and creates an all-round safer browsing experience for you and your clients.

Recently, browser updates, like Google Chrome’s Update 62, have started displaying warnings when a website that is being accessed doesn’t have SSL running. This creates a scary looking prompt that denies access by default until the hidden “Proceed” button is clicked. The “Proceed” button can only be accessed after the “ADVANCED” link is selected.

This deterrent highlights the shift in security consciousness of the average internet user. Users are far more likely to close your webpage if they are greeted with the news that your site is not secure.

If that was your website, you could have just lost out on another customer. These messages and prompts have the potential to reduce traffic to your website just by having an additional step to access your content.

Worse still is that not having an SSL certificate means your website is also going to suffer in the Google rankings department. Why? Because websites that begin with insecure “http” prefixes are automatically ranked lower than SSL-equipped sites, which all start with “https.”

Google does this to ensure that the most secure search results appear higher up in the list, as opposed to non-secure websites that get pushed down, or even omitted entirely.