Ever wonder why there’s a little padlock symbol up next to the URL? Ever wonder why it says “https” instead of just “http”? Enter the SSL Certificate. It’s a standard now, but when they were first invented, they were few and far between. Read to find out how SSL certs are a staple in cyber security.
So what is an SSL? It stand for Secure Socket Layer, and is part of the HTTPS (HyperText Transfer Protocol – Secure) communications protocol. As information is sent to and from a website, it is encrypted using a private/secret key, so that information can’t be hijacked on its path of travel. It was originally developed by Netscape, and released in 1995. In the early days, SSL certificated were encouraged for use by companies that processed online transactions, as well as for secure email communication. New development has evolved the SSL into a more secure and slightly different type of certificate, called the TLS Certificate (Transport Layer Security). This post discusses the certs as one, focusing on the benefits of having a trust certificate
Now, more than 70% of websites have SSL certificates, and it’s uncommon to have a site without one. In fact, Google ranks sites higher if they have an SSL certificate. In fact, Google started using SSL certificates as a ranking signal in 2014. It began as only a 1% increaser, but now, in the middle of 2017, it has a much heavier weight. The exact percentage is unknown, but it has definitely increased since 2014.
Trusting an SSL Certificate
Besides helping with page ranking, and some data encryption, what’s the big deal with promoting SSL Certificates as cyber security products? It’s because of trust. See, trust is a hard thing to come by, especially in the world of the Internet. There are millions of phishing schemes, malware, and other cyber attacks made every day. Cyber crime costs hundreds of billions of dollars, and it affects you as soon as you trust that unknown email link.
With an SSL certificate, you can trust the website that employs it. Not just because it supposedly encrypts the data, but because it was purchased and “signed” by a verified, trusted security company. The certificates are distributed by reputable companies like DigiCert, Comodo, GeoTrust, VeriSign, and others. You can purchase a certificate from anyone, but expired or untrusted certificates will cause your browser to warn you about using the site.
That is the trust factor. As shown in this screenshot, the browser has traced the certificate from it’s origin, showing the browser’s trust in the certificate, and showing an expiration date as well. It even shows the root certificate, proving that it’s reliable and trusted.
If you don’t already have an SSL or TLS certificate, like it was mentioned earlier, more than 70% of websites now use them, and Google likes your site better, and so do webs browsers. Hopefully you are convinced by now, because you NEED a digital certificate. You can learn more here.