When should you use an SSL certificate?

Matthew 21st March 2017 0 Comments

The short answer; unless you have a very good reason there is usually no scenario where having an SSL certificate on your website would be a ‘bad idea’. In fact, it is usually a significant benefit for all websites. Just the small SEO benefits you will receive, and providing your visitors with the additional trust / confidence that the little green ‘padlock’ symbol gives is enough of a reason to implement one.

There are some minor drawbacks… for example; there are certain scenarios where an SSL connection might increase load speeds slightly (as all data needs to be encrypted), but now-a-days the degradation of load speeds is minimal when compared with other page-speed factors.

On balance, our recommendation is if you can implement SSL, you should – And there are very few reasons why you ‘can’t’ – Cost is not one of those reasons as I explain below!

What is SSL? 

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data, such as customer financial data, is passed between the web server and browsers remain private and integral.

What do I need to consider when deciding whether I need SSL?

The law – Although an SSL certificate is not required by law in the UK, if you are processing payments or collecting customer data on your website you are in dangerous territory and failing to ensure you safe-guard customer data securely may result in you being in breach of the Data Protection Act.

If you divert your customers away to a payment gateway whom operate against PCI DSS compliance (like PayPal) you should be okay, but if you collect customer data (particularly financial data like Cards / Address) then you need to consider applying an SSL certificate.

Customer Confidence / Trust – Your customers will feel safer on your website if you apply an SSL certificate. The Green Padlock has become synonymous, even amongst non-technical internet users that the website they are on is ‘safe’. If you do not have this Green Padlock, you may lose out on customers whom will fear your website is not safe.

Website Blocking – Google Chrome has recently announced they are going to be much harsher on websites whom do not follow their policies on enforcing SSL. Chrome has been reported since early 2016 to be ramping up its war on un-encrypted websites. If Google Chrome thinks your website should have an SSL certificate and it doesn’t, then you may find that they start blocking visitors from visiting your website and displaying a WARNING to visitors.Other Browsers are thought to be working towards implementing a similar approach.

But… Aren’t there cost implications?

SSL Certificates are a misunderstood beast but there are cheap and FREE alternatives. The confusion with SSL is in part down to the vast differences in cost across the marketplace from FREE certificates right up to several £100 – Often companies will add their own margin onto these as they pass down the supply chain so the end customer ends up paying more. In contract to the potential costs of having your website blocked in Google Chrome and the likely costs you’ve spent already on website development, the costs are negligible and almost certainly justify the benefits.

So how do you know what you need?

One of the main difference between buying a custom SSL certificate and getting one from a Free certificate provider (Like Let’s Encrypt) is that a free one usually needs to be renewed more frequently. With paid certificates, you usually also receive some form of ‘insurance’, but this depends on the provider. Our advice is that you are best approaching a company such as ourselves whom can assess your requirements for an SSL certificate, purchase it for you and install it. You can contact us for a no-obligation quotation.