Your cart is currently empty!
Author: GoeSecure
Why You Need SSL Certificates
Secure your online success
SSL certificates perform two major functions—encryption and identity validation. Both are essential to gaining the trust and, ultimately, the business of online visitors.
You’re probably aware that all major browsers now label all unencrypted webpages with “Not Secure” warnings. If you’re doing business online, the impact of this is huge given that, according to the CA Security Council Report, only 2% would proceed past untrusted connection warnings and only 3% would give credit card information without the padlock icon.
Since SSL certificates enable encryption, or HTTPS, every one of your webpages needs one to avoid these negative messages and protect data in transit. But, there are many other advantages of ensuring your webpages have SSL certificates.
Here are eight other important ways SSL certificates benefit you and your visitors:
Improve website performance—In this “I want it now” world, no one’s going to wait for your webpages to load. HTTPS speeds up page loads to deliver a great visitor experience.
Drive more website traffic—Google rewards websites that serve every page via an encrypted HTTPS connected with as much as a 5% boost in search engine rankings. That means more people clicking through to your site.
Reduce shopping cart abandonment—Abandonment rates can soar as high as 75%. Why? One of the top 7 concerns of online shoppers is whether your website is legit. SSL certificates give them the confidence they need to hit “Buy Now’.
Increase conversions—Bizrate reports 69% of online shoppers look for websites that display trust symbols. It’s easy enough to click away to a competitor who proudly shows them off. A Tec-ED survey reported premium EV SSL certificates have been proven to increase conversions.
Leverage the latest innovations—HTTP/2 is the first big revision to the outdated HTTP network protocol. It’s faster and safer, but browsers require a secured connection to unlock these advantages.
Enable must-have mobile features—The most in-demand mobile features, including geo-location, device orientation, full screen, microphone and camera are only enabled over secured HTTPS sessions.
Sharpen your competitive edge—The level of SSL certificate you choose is a differentiator that motivates visitors to do business with you instead of “the other guys” that don’t have a premium SSL certificate. Trust us, your visitors will notice you’ve taken the extra steps to put their security front and center.
Avoid phishing attacks—It might be easy for cybercriminals to squeak by domain validation with a DV certificate and fool unsuspecting visitors with “Secure” in the address bar, but the Extended Validation (EV) process is designed to ensure only the “good guys” are approved.
The Choice is Clear
Beyond meeting the new encryption standard, SSL certificates improve your speed, innovation and conversions—all important factors for online success. At the very core is trust. Remember, you’re in control of how visitors perceive you online. Review your SSL certificate options to find the one that’s right for you and start earning the trust you deserve.
How to Satisfy Multiple GDPR Requirements with One Simple Step
We’re a few months into the official launch of the GDPR (General Data Protection Regulation) that went into effect May 25, 2018. If you’re still struggling to get complaint, you’re not alone. In fact, Gartner predicts more than 50% of companies affected by GDPR still won’t be in full compliance by the end of 2018. It’s not surprising since this 99-article regulation is a lot to bite off and most organization simply don’t know all the steps required to comply.
What is the GDPR
GDPR is a broad-reaching regulation designed to protect the private data of Europeans in IT systems. It covers a broad range of topics, from how and when to notify regulators about data breaches to user transparency about what data is being collected and why.
You’re asking the wrong question
Most companies are still asking, “Does the GDPR apply to us?” From a purely technical standpoint, here are a few of the criteria that determine who’s impacted:
- You have customers, employees or contractors who are EU citizens or based in EU countries (and, yes, the United Kingdom counts)
- You do business in Europe, even if your business is located elsewhere
- You have an online presence (including your website) that’s available for Europeans to use
Spending your resources on trying to exclude your company from GDPR isn’t the best use of your time. And, there are other considerations that extend beyond regulations and fines, reaching all the way to your bottom line:
- You deal with business partners that want to be GDPR compliant (and if you aren’t, they won’t want to contaminate their compliant databases with your non-compliant data)
- You don’t focus on doing business in EU, but can’t stop EU citizens from visiting your website and leaving their personally identifiable information behind
- Trust is everything online and, if your website collects or processes user data, even via signup or contact forms, visitors expect you to keep their information secure and protected
A better question is, “How do we get compliant?”, since a majority of the GDPR requirements are best practices that most companies should have been doing all along. If that’s not incentive enough, let’s look at the consequences of not meeting these requirements.
Non-Compliance Can Be Crushing
Suffer a single data breach and you’re looking at a fine of €20 million or up to 4% of your annual turnover, whichever is greater. Just to put this into perspective, this would equate to $7 billion for Amazon, more than two years of profit. Plus, you may face additional fines based on the type of breach, data exposed, notification, remediation and response. And, this doesn’t include irreparable damage to your reputation or costs associated with insurance, legal fees and settlements.
SSL is an Essential Part of GDPR Compliance
Though the GDPR doesn’t contain any specific section on the use of SSL certificates, it includes clear requirements that can only be addressed through digital certificates. Article 32 of the regulation (“Security”) begins this way:
… the controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
- the pseudonymization and encryption of personal data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
Basically, GDPR states that, if your site collects and stores any information from your users, you have a responsibility, as a data controller or data processor, to keep this information secure and protected, including encrypting personal data and ensuring ongoing confidentiality. Verizon’s Data Breach Investigation Report cites lack of encryption and lack of security when handling confidential information among the top most common causes of breaches, so these requirements make perfect sense. And, alarmingly, only 4% of breaches reported were protected by encryption, rendering the data useless to cybercriminals. If you suffered a breach, wouldn’t you at least want to make sure your company and customer data couldn’t be decrypted by evil doers?
SSL certificates have been the de facto encryption and authentication standard for all confidential web communications for more than 30 years. Not having an SSL certificate increases your risk of a data breach. If you have an eCommerce website that takes user payment information such as bank account details, having an SSL is a necessity. But, even if your site is a static HTML page that doesn’t sell anything and has no contact us or signup forms, you still need an SSL certificate to avoid Not Secure browser warnings.
SSL Delivers Other Business Benefits
If you’re still on the fence about investing in an SSL certificate, consider the benefits to your business that go way beyond GDPR compliance.
Faster Website Performance— In this “I want it now” world, no one’s going to wait for your webpages to load. SSL certificates enable HTTP/2 to speed up page loads and deliver a great visitor experience.
Boost Search Engine Traffic— Google rewards websites that serve every page via an encrypted HTTPS connected with as much as a 5% boost in search engine rankings. That means more people clicking through to your site.
Optimize the Mobile Experience—The most in-demand mobile features, including geo-location, device orientation, full-screen, microphone and camera, are only enabled over sessions protected by SSL certificates.
Increase Conversions— According to Comodo’s DevOps June 2018 EV study, 50.2% of respondents are more likely to engage in financial transactions when an EV green address bar is present. And, testing has shown typical increases of around 10% more completed transactions.
Avoid Phishing Attacks—Cybercriminals might squeak by domain validation with a DV Certificate and fool visitors with “Secure” in the address bar, but the more in-depth process for Extended Validation (EV) SSL certificates process help ensure only legit sites are approved.
Check SSL Off Your GDPR Compliance To-do List
Making sure all your website pages use SSL certificates to authenticate and encrypt communications is a smart step toward meeting the GDPR requirements. And, even if you’re not technically impacted by the GDPR, you should be using digital certificates to protect your customers and maximize visitor confidence. Every day you go without SSL, you’re scaring away visitors with Not Secure warnings. Review your SSL options to make sure your website instantly builds trust and satisfies the GDPR’s requirements for encryption and confidentiality.