A few weeks ago one of our clients came to us, concerned about an “unauthenticated source” message displaying in his browser when viewing his site. He was worried that this signal might scare off users.
The main reason this was happening was because there is “insecure content” on his site. While that sounds pretty scary, it’s really not all that uncommon. Technically, just about any site that doesn’t have an SSL certificate has insecure content.
But what is an SSL? How does it work? What are its advantages and disadvantages? Read on to find out!
First Things First
I recently read a web design comic strip (I know, my geek is showing, haha) that mentioned that if you wanted to make marketers happy you needed to show data. The comic strip also demonstrated that if you wanted to make designers happy you needed to put the user first.
In my opinion, this comic strip is missing the mark. As time goes on, web design and marketing efforts are becoming more and more intertwined. Search engines like Google have begun telling us to put the user first. Most browsers (like Google Chrome, Mozilla Firefox, Safari, Opera, or Internet Explorer) have even begun giving users visual cues to let their users know when they are using a secure site.
Have you ever used a site like PayPal and noticed that part of the search bar that shows the URL turns green? That’s because PayPal is on an SSL. You can also tell a site is on an SSL when the site begins with https:// instead of http://. These visual cues make your user feel safe and make your brand more trustworthy.
If this isn’t a sign that both search and web design should focus on users, I don’t know what is.
What is an SSL?
SSL stands for “Secure Sockets Layer”. It’s basically used to keep sensitive information sent across the Internet encrypted so it safely reaches only the intended recipient.
This is the technical definition, but as I was perusing Reddit earlier today, I found a really great, simple example of what an SSL really is in the “Explain Like I’m Five” subreddit.
“You want to pass a note from you all the way across the room to Suzy. Normally, you just pass the note and say “get it to Suzy” and the kids in the room will keep pushing it towards her until she gets it. The problem is, the teacher or anyone who gets the note can just open it up and read it. SSL is a type of certificate used to make sure the contents of a packet (note) don’t get read. It’s like putting your note in a lockbox and you’ve given Suzy the key ahead of time. She’s the only one who can see what’s in the box, because she has the key (the SSL certificate). HTTPS is an altered version of the HTTP protocol which makes sure whoever tries to open the box has the key. If anyone tries to read the note and they don’t have the key, all they’ll see is garbled (encrypted) data, which will most likely just look like random characters. it’s like they took the box and just tried smashing it on the floor, but it ripped the note apart in the process.”
Advantages of an SSL
Now that we have a firmer grasp of what an SSL is, let’s talk a little bit about the advantages of having one.
As I mentioned earlier, data encryption is the first advantage. If you’d like to transfer sensitive information – credit card numbers, email addresses, phone numbers, dates of birth, social security information, etc. – an SSL is your first line of defense.
The next advantage is trust. Do you remember that I stated earlier that our client was worried that the “unauthenticated source” message was scaring away potential customers? These types of signals could definitely make users a bit wary when it comes to entering personal information. Adding an SSL to your site is a step in the right direction as far as making your users feel safer.
Disadvantages of an SSL
The first disadvantage of an SSL is the cost. There is typically a monthly/annual fee for an SSL, similar to your hosting fees. Also, you will likely need to renew your SSL on an annual basis.
The second disadvantage is site performance. Because the data on your site needs to be encrypted, it takes a bit longer to load/transfer information. However, the difference is usually nominal, unless your site has an unusually high volume of traffic.
While the speed of your site may be a concern, consider this: Google, Microsoft, and Apple are all on an SSL. It’s very clear that they are putting their users’ protection first and that the performance of the sites has not been jeopardized.
The final disadvantage for SSLs is that they are in no way the end-all, be-all of securing your site. On the contrary, SSLs are really just the beginning. Other ways to keep your site safe include, but are absolutely not limited to:
- Keeping your software up to date (this means making sure you have the most up to date version of WordPress!)
- Using strong passwords and keeping them in safe places. (Please, no “password123” or “passwordpassword”.)
- Register with Google’s Webmaster Tools. With Webmaster Tools, you can receive notifications about malware infections and thus handle the problem before it gets out of hand.
- Get expert help. If you don’t know what you’re doing, talk to the pros. People go to school and get paid money to secure sites. Optimum7 can also help here, just so you know. ;-)
SSLs for Optimum7 Clients
It is Optimum7’s intention to be proactive, rather than reactive in our marketing efforts. Because Google has moved to an SSL, we believe that it is only a matter of time before most search engines begin to favor https:// sites. In the New Year, we will begin moving all client sites to SSLs before they are negatively affected by this change.
As I’ve mentioned before, Internet and technology are ever-changing. What we do today is much different than what we did even as short as 6 months ago. However, it has always been Optimum7’s main goal to provide our clients with the best possible consultation for their online brand/business. Today, that means making sure all sites are as secure for their users as possible.
Is your site secure enough? Contact Optimum7 for a free consultation today!