What The Changes in SSL Mean to Business Owners
Guest post by NimbusHosting
With all the furor over cybersecurity and GDPR, it is perhaps, unsurprising, that Google has finally decided to make an attempt at increasing their security standards. For a number of years now they have been encouraging website owners to invest in SSL certificates. SSL stands for Secure Socket Layer and essentially, what it does is allow a website to be accessed over HTTPS, which encrypts the information between a visitor and the web server. If you think of the information you enter into your browser as crossing a bridge – then an SSL certificate adds an extra fence around this metaphorical bridge, making the passage of data far safer.
Any website that has this extra layer of security will have a lovely green padlock next to their domain name in the browser and if clicking on this padlock allows the user to view the precise safety level of a website. This padlock and green symbol essentially means that that the website is authentic and has secure and encrypted data. However, whilst this sounds easy in principle it can be an incredibly tricky and sensitive topic and many business owners may well find themselves scratching their chin and staring at the screen in wonder and amazement at the various acronyms and security terms thrown at them by technology-minded folks. However, for some business owners it is soon to become incredibly important and if there is any uncertainty it is recommended to speak to a hosting provider who can offer advice. Speaking to Tim Dunton, the founder of Nimbus, he commented: “the latest browser usage statistics suggest that Google Chrome holds nearly 60% of the market share and it’s likely that other browsers such as Firefox & Safari will follow Google’s lead in the push for better security.” Meaning that there really is no getting away from this.
That being said, there is, of course, a huge amount of incendiary and controversial content being pushed around this. Title’s such as “Google Chrome HTTPS certificate apocalypse” remain exaggerated hyperbole and should be taken with a pinch of salt; obviously and unquestionably SSL certificates are important and something to be aware of. However, this is not the end websites as they are. A lot of this is really just common sense and if a website is secure it should have no problem gaining the appropriate SSL certification. To be honest this could we be a positive step forward in helping to improve transparency in the industry.
It is particularly relevant for those websites who take any text input which doesn’t necessarily need to be a card payment. It could be anything as seemingly innocuous as a contact form and, any page, on Google Chrome’s Incognito mode.
Previously, websites who conformed to the SSL gained rewards in terms of their SEO ranking, Google’s way of saying thank you. However, they have now reversed their process somewhat and have changed the carrot for a stick, punishing those businesses who fail to attain an SSL certificate and even those who don’t have an SSL certificate of a high enough value. Those websites will soon find themselves being marked as “unsafe” – written in bright red next to their name in the browser, and, not only that, but visitors will see a pop up warning them that their connection is not private and that someone may be trying to steal their information. In fact, they will have to click past this warning to gain access to the website. This upgrade has been rolled out alongside the launch of Chrome version 66 on April 17th and will be made somewhat stricter on October 23rd when all Symantec certificates will be listed as not trustworthy.
Due to Google’s decision to question their security integrity, Symantec sold their certificate business to DigiCert who are now responsible for helping to ensure all those businesses who may well suffer are able to migrate to more recognized certification. This should give all those businesses who had Symantec SSL a huge amount of confidence as they should now be converted over to DigiCert and be marked as safe by Google.
So, essentially whilst there is no reason to panic, there is absolutely a need to move forward. It can be a trying time for a business owner in the tech space at the moment with acronyms like GDPR and SSL being flung left, right and center. However, speak with your hosting provider; any agency worth their salt should be able to get a handle on this and help make sure that your business has the right protection and is fully accredited and recognized. Because moving forward there seems little doubt that nowadays businesses will have to be proactive rather than reactive when it comes to the digital space.