What is HTTPs?

Let's first understand how HTTPs work. HTTP or HyperText Transfer Protocol is a type of protocol used by browsers and web servers to communicate and transmit data to one another. When a website address is entered on the browser's address bar, it will send an HTTP command to the web server telling it to get the website you want to access.

SSL or Secure Socket Layer is a method of encrypting data while it travels through the Internet to ensure that private information is not compromised. When users enter private information like passwords or credit card details on a website, data will go through different servers and networks before it reaches the right destination.

This is the time when hackers may try to intercept a customer's private information unless the network is encrypted. SSL will essentially encrypt the data transmitted between a computer and server so that it's difficult for others to read and process it.

In a nutshell, SSL certificate offers three important benefits:

• Encryption - it encrypts sensitive information such as credit card numbers and other personal information

•  Trust - having an SSL will give customers the confidence that your company is trustworthy and that their personal information are protected

• Improved Page Rankings - HTTPs is one of the minor ranking signals for the Google' algorithms. This means that having the secure encryption may help you boost your Google search rankings.

Why are HTTPS sites the Norm Now?

Try loading any non-HTTPS sites in your browser now. Be it Chrome or Firefox, users will be able to check if their connection to the website is secure. For HTTP websites, when users click more information to the left of the URL, they will see the following text:

This inform customersthat the connection between their machine and their websites are not secure. What does this tell your visitors if you are operating an E-Commerce website? Will they feel comfortable with leaving their billing and shipping details with you? This is why, for most website owners, they are looking at implementing measures to 'HTTPS' their website.Popular messaging application "WhatsApp" have also began to encrypt end-to-end messages between communicating parties, securing the information transmitted is not interfered or stolen by unauthorised individuals. Furthermore, links shared in WhatsApp chat are also prepended with 'HTTPS' links, meaning that any link you clicked via WhatsApp will be defaulted to a 'HTTPS' link. If you haven't secured your website with an SSL certificate. This could probably happen:

This occurs when non-SSL websites are loaded over HTTPS link, and it severely impacts the level of trust your visitors have on your website. We believe that other similar application developers will start to implement this as well, it is time now to secure your website with a SSL certificate.

Information That Should Be Protected

Any information that can lead to monetary loss, identity theft or legal repercussions should be protected at all cost. Here are some examples where SSL can be put to good use:

• Financial Records - credit card numbers, validation codes, bank account numbers, online orders, etc.

• User Authentication - usernames, passwords, email addresses, security questions and other information required to gain access to a website

• Private Data - birth dates, social security numbers, license numbers, passport numbers, etc.

• Other confidential information - Medical records, legal documents, client directories, contracts, etc.

Do I really need to have SSL on my website?

• Ecommerce Websites

If you sell products online and you take credit card payments directly from your website, then you should get an SSL certificate to ensure that your customer's payment information won't be visible to hackers. However, this doesn't mean you need to encrypt the entire website. You can choose to have SSL on the E-commerce or client portal domains only. For payments made through PayPal or other third-party payment processors, you don't have to use SSL because customers do not send their payments to you directly.

• Websites with Login Forms

When a website does not have SSL, it is easier for attackers to steal users' login information like their usernames and passwords. With a range of affordable SSL certificates, there's no reason for you not to consider having one. If you opt not to use an SSL, then you might want to consider using Facebook Connect, OpenID or other 3rd-party login technologies so that users can still log in automatically to your website via another site.

• Membership Sites

Do you run a membership site? It's a good idea to use SSL if members are required to give out their names, email addresses, passwords, or store photos, IDs, documents, etc. on your site.

• Blog Sites

If your blog only features blog posts without any products, logins and membership information, SSL is not necessary. Most blogs only display texts and images so you don't need to have one especially if you're on a budget

• HTTP2-powered Sites

HTTP2 is the latest HTTP successor,  an underlying protocol that defined how browsers and web servers communicate with one another. It was designed to improve the limitations inherent in HTTP1 such as data latency. Before you can prepare your site transition to HTTP2, you need to ensure that the connection is encrypted with SSL.

How Do You Know if a Website is SSL-Secured?

It's fairly easy to spot on if a website is secured by SSL. Before entering any sensitive information to a website, stop and check if the website is secure. Here are some tips remember:

• Make sure that the URL on the browser address bar starts with https (not http). The "s" after http means it is "secure". It will tell you that the connection is secure when you see it highlighted in green.

• A green lock icon should be visible on the browser's address bar or the top corners of the screen. When you click on it, it will give you a snippet of information about the website's SSL certificate.

NOTE: Some websites may have the HTTPs in the address, but others may not have a green lock or text shown in the address bar. This could mean that the SSL certificate is not yet provided, or there may be some resources or content served over HTTP instead of HTTPs. For more details, you may refer to Google Chrome's connection to a site.

• There are websites that show a "security seal" that indicates who issued the SSL certificate and verifies the website's identity once you click on the seal.

• Extended Validation (EV) SSL Certificate is  the highest tier of SSL available and it offers the best encryption and presents the verified organisation's identity to visitors.

NOTE: Different browsers will display SSL and EV differently. The above screenshots are taken from the Chrome browser.

Planning to get an SSL Certificate?

Good news. If you're thinking of using an SSL certificate to secure your website, then you've come to the right place. We understand your concern on ensuring that your clients' sensitive information are always kept secure and private from cyber threats.

That is the reason why Vodien has partnered with Thawte, a well-recognized SSL Certificate Authority and subsidiary of Verisign. Our SSL certificate provides up to 256-bits encryption on the root level and comes with Thawte Trusted Site Seal to secure the connection and increase trust and credibility for your website.

Secure your website with Vodien Web SSL certificate today and get amazing savings when you sign up with a two-year plan. Just click on the link below to get started.