What is HTTPS and does your local business website need it too?

Thursday, October 11th 2018

The chances are that you have already come across a website with a warning Not Secure next to the URL address. You are not alone.

Many global websites still don’t use the more secure HTTPS protocol to transmit information. And it is no different in New Zealand where the vast majority of local businesses rely on the non-encrypted HTTP protocol.

Unsecure website that lacks HTTPS

What is HTTPS?

You may already be familiar with HTTP, the protocol that transfers the data between the website and your browser. HTTPS – with the “S” in it, adds a layer of security. This means that all communication between the website and your computer is now secured via encryption. The security certificate enables this type of communication.

Active SSL Certificate

How does HTTPS work?

HTTPS features a security layer SSL/TLS (commonly known as SSL) on top of the existing HTTP protocol. The communication happens the same way as with HTTP but with a layer of encryption on which is called an SSL.

The main purpose for the security layer (SSL) is to verify that it is your browser that is talking directly to the server and no one else. If anyone intercepts the communication, they won’t be able to read the data you send and receive.

Does my website need an SSL certificate?

Having an SSL certificate installed and HTTPS enabled ensures that the communication between the visitor and your website happens in a secure fashion. Even for a business that doesn’t sell products and services online, HTTPS adds credibility and trust.

Google Chrome, the most widespread browser, has recently started to mark all unencrypted websites as ‘Not Secure’. It’s a trend that other browsers will soon follow.

This layer of security also creates further confidence in your customer base that your site will be a safe browsing experience.

It is highly recommended using the security protocol on your website. The New Zealand government also recommends it.

What are the benefits of having an SSL Certificate on your website?

  • Your business looks more professional
  • Secure connection helps your rankings – yes, Google now uses HTTPS as a ranking signal for their search engine
  • Visitors to your website don’t have to see Not Secure next to your website address
  • You gain credibility and trust
  • Transmission of all data between the visitors and your website is more secure

What types of SSL certificates are on the market?

There are 3 main types of SSL certificates on the market today. They all offer the same encryption, however, what differs is the verification process needed to obtain the certificate and also the way the certificate is displayed in the browser.

Domain Validated SSL Certificates

Domain Validated SSL Certificates

The Certification Authority checks the right of the applicant to use a specific domain name. The company identity and information is not verified or displayed within the encryption.

These certificates are issued almost immediately as there is no paperwork required. Due to their low cost, they are the most popular certificates for businesses today.

Organisation Validated SSL Certificates

Organisation Validated SSL Certificates

The Organisation Validated certificates are issued after some checks have been done to identify the company identity.

The certificate appears the same as the Domain Validated SSL Certificate but the company information is listed within the encryption seal.

Extended Validation SSL Certificates

Extended Validation SSL Certificates

The Extended Validation SSL is the highest level of authenticity of these certificates. While it offers the same encryption, a strict audit is enforced to verify the company identity before the encryption is issued.

These certificates are commonly used by banks and government organisations. A green seal is displayed in front of the URL with the company name and country of origin.

How to get an SSL certificate?

SSL is an essential component of website security. Whether you are just starting a new website or you already have an existing one, you should consider getting an SSL right away.

Follow these steps to get an SSL certificate up and running:

  1. Purchase and install an SSL
  2. Redirect all traffic from HTTP to HTTPS
  3. Let Google and other search engines know that you’ve changed your website’s URL to a more secure HTTPS

There are many providers that offer SSL certificates.

If you have some server administration knowledge, you can get one through Let’s Encrypt which offers free Domain Validated SSL certificates. Alternative, you can also order one from your hosting provider.

We offer these services too. If you have any questions or would like us to help you to install and configure an SSL certificate, you can reach us through our Contact page.

Explore services we offer.

Our services