Future proof your website with an SSL Certificate

Security/ 28th Feb 2017/Jamie Hoyles

Not everybody will be familiar with the term SSL Certificate or HTTPS – for those who are not, SSL stands for Secure Sockets Layer. This is a technique for encrypting and authenticating data traffic over the web in order to improve the security of a website/domain. An encrypted link is established between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).

HTTPS is short for Hyper Text Transfer Protocol Secure – this is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to.

If your website handles sensitive data such as customer records, passwords, or operates as an e-commerce platform then having an SSL Certificate in place is already a necessity.

Google is placing a huge emphasis on sites who do and do not have HTTPS active. Google Chrome users may have recently noticed a change in the look of their browser… To help users navigate the web safely, Chrome indicates connection security with an icon in the address bar:

SSL Certificate Secure Domain

Likewise, if an unsecure website is asking you for sensitive information you are notified via the address bar:

Unsecure Domain

This is part of a long-term plan to mark all HTTP sites as non-secure.

The current schedule according to Google is

“Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.

Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.

A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS usage is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS. In addition, since the time we released our HTTPS report in February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS.

Studies show that users do not perceive the lack of a “secure” icon as a warning, but also that users become blind to warnings that occur too frequently. Our plan to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria. Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.

In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”

Having an SSL Certificate in place can also help with Search Engine Optimisation. It has been rumoured for a while that Google places weight on those sites with one in place but it is only recently Google have announced changes to its indexing algorithm that gives a slight priority to sites that use SSL when defining search engine rankings. Their search team claims to be making the Internet safer by “making sure that websites people access from Google are secure.” As a result, website owners are being encouraged to apply SSL technology to their entire site to protect their customers and potentially receive a favourable Google ranking.

You can join the ever-growing number of secure sites by obtaining an SSL Certificate from us here at Clook. We have made the process as automated as possible and assuming you are able to respond to verification emails promptly aim to have a certificate installed for you within just 2-3 hours from the point of ordering (during business hours). The input from the purchaser is minimal and no technical knowledge is required.

A list of the SSL Certificates available can be viewed on the Clook website. The guide below should help you decide which certificate is right for you…

Alpha SSL
This certificate comes with a basic level of encryption. The AlphaSSL is ideal for personal websites or small businesses without e-commerce. Quick to validate, these certificates can be installed within a couple of hours of ordering.

Domain SSL
This SSL provides medium range coverage. A DomainSSL is ideal for small-to-medium businesses or organisations without complex security needs beyond basic e-commerce.

Organisation SSL
With increased recognition, OrganizationalSSL is perfect for medium-to-large businesses or organizations with complex security needs and those storing customer accounts and sensitive information.

Wildcard SSL
A wildcard SSL allows multiple subdomains to be covered under one certificate – eg shop.yourdomain.com; mail.yourdomain.com, etc. These are available to add to Alpha, Domain & Organisation SSLs.

Extended Validation (EV) SSL
This SSL Certificate shows the green URL bar in browsers and provide the most extensive recognition, coverage and warranty. EVSSL is ideal for high-security businesses and organizations with extremely sensitive personal or financial information.

 

If you have any queries please do contact our knowledgeable team on 03300 885 250 or sales@clook.net

If you have an accounts query it is likely Jamie will be the one to help you resolve it...! Away from the office he is a condemned supporter of Blackburn Rovers, enjoys watching and playing cricket and appreciates a good meal out.
We have a very strong team here at Clook and we build on everyone's strengths and weaknesses, you have to be able to make a good brew too!

Chris James

Customer Login

Forgot Password? Cancel