Do I need SSL for my website?

hero bg image

do_i_need_ssl.jpg

Take a quick glance at your URL bar. Do you see that little green lock? Or the https that comes before the site URL instead of the http you may have seen on other sites?

You may never have noticed these details on the sites you visit regularly, but they are an important signal that your connection to a site is encrypted, keeping any personal information you share secure. The technology that provides this encryption is called Secure Sockets Layer, or SSL.

 According to SSL.com:

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

This means that sensitive or personal information like credit card numbers, social security numbers, or even just login credentials can be submitted safely. Without SSL, this information is sent in plain text, which leaves both parties vulnerable to hackers.

Why do you need an SSL certificate?

As the quote from SSL.com noted, this technology has become an industry standard. It displays that your customers can trust you, and that your site is legitimate. This is especially important if your visitors are transmitting their personal information. Even if your site doesn’t collect payment information, it’s likely at least capturing some personal information from site visitors, like email addresses or phone numbers. That little green lock indicates to your visitors that their information won’t be intercepted and misused by someone they didn’t intend to share it with.

The security benefits aside, an SSL certificate is important to have on your site for SEO reasons. In 2014, Google started giving a light signal boost to sites with https URLs, and late in 2015, they announced that their indexing system was set to crawl for https sites by default. In January 2017, Google Chrome will plainly mark non-secure sites that transmit passwords or credit card information. All that to say: not having an SSL certificate could sink your site’s rankings in the future, as browsers will almost certainly become more aggressive about this issue.

How do you get an SSL certificate?

Hubspot customers using the website platform can get a standard SSL certificate for free by requesting one in Content Settings under “Manage Your Domains.” If that doesn’t pertain to your site, you can also purchase an SSL certificate through your domain registrar, or through services like Globalsign or GeoTrust. Keep in mind that most SSL certificates are usually valid for one or two years, so you’ll either need to re-up your certificate or purchase a more advanced certificate that’s valid for a longer time period.

Setting up a secure site with an SSL certificate takes a little bit of time and sometimes money, but the investment will show your site visitors that they’re on a legitimate site, and that you value their security. It will also keep your site on the correct side of current search engine best practices.