Secure Sockets Layer (SSL) is used to establish an encrypted link between a web server and a web browser. This keeps all data that is passed between the server and browser private. SSL was previously a concern primarily for e-commerce sites or sites where financial data was being submitted. However, as internet usage and technology has developed, SSL has become a preferred security methodology and is now recommended for most sites.
The interactivity of the World Wide Web and more widespread security knowledge have made more users aware of SSL certificates. Users and search engines alike give preference to websites with SSL. When visitors see an SSL certificate, they know the site has taken measures to protect their privacy. With SSL on your site, visitors can feel more secure browsing your website, downloading material and filling out conversion forms.
In addition to the user experience benefits, there are several SEO benefits. First, Google gives preference to HTTPS sites in search engine results. Adding an SSL certificate can help your digital presence be more competitive. Second, you get more accurate analytics. This is because when a user visits a non-HTTPS site from an HTTPS site, the referral data is dropped and the visit is marked as “direct”. If your site is HTTPS, referrer data will be retained whether the user comes from an HTTP or HTTPS or site.
Over the years there have been many SSL attacks found in the wild. Several that made national news are listed below.
- Browser Exploit Against SSL/TLS attack (BEAST)
- The Heartbleed Bug
- Padding Oracle On Downgraded Legacy Encryption (POODLE)
Ascedia takes these threats very seriously and they are mitigated in our environment immediately once exposed. Not only are we notified by our SSL vendor about an outbreak, but we also take it upon ourselves to test the SSLs in our environment every month and make the appropriate changes to keep them secure.
If your site doesn’t currently use SSL and you’re interested in learning more about it, contact us today.