What is an SSL Certificate?
An SSL Certificate gives your website a layer of security and encryption that isn’t present on standard websites. From a user perspective, it’s the difference between having a little green padlock on the left-hand side address bar or not. You may also notice the https instead of http on your website protocol.
What’s the deal with SSL Certificates and why do I need one?
Prior to October 2017, an SSL Certificate was really only for e-commerce websites, to encrypt payment details and personal user information. The bonus for non-e-commerce sites was a little extra credibility and trust for users.
From October 2017, however, a few things have changed. Google have begun to alert web users to the potential security risk of putting their personal information into unsecured websites. Further to this, the introduction of GDPR in April 2018 means that the UK Government are now holding web administrators accountable for securing their customers’ data and the fines for non-compliance are substantial.
In order to comply with the GDPR and give your users trust when visiting your website, you need to consider the functionality of your website.
Websites that need to consider an SSL Certificate:
Still not sure if you need an SSL Certificate for your website? Our below guide will hopefully banish any confusion;
Your website takes payments
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes
If you take payments via your website, you should have an SSL Certificate. This has been true for a while now and if you fit into this group and your site doesn’t have one, you’re late to the party.
In this instance, your SSL Certificate is keeping your customers’ card details, address, email address etc. safe and greatly reducing the risk of loss of data which could have serious financial implications for both you, and your customer.
Your website has a user log-in area
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes
User profiles store a good amount of personal data, including but not limited to, name, address, email address, passwords, date of birth, telephone number etc. If you have a user profile section within your website then you need to make sure you’re securing that data.
Your website has a contact form
Certificate Needed: Yes
For GDPR: Yes
For Google: Yes
The information provided in contact forms; name, email address, telephone number etc. is considered personal data and as is therefore accounted for under the new GDPR rules. Google have also started adding warnings to contact forms on non-secure websites to alert the user to the potential risk. So, if you want to avoid fines and scaring off potential leads, upgrade to an SSL Certificate.
You have none of the above but you’re interested in the SEO of your website
Certificate Needed: No (Advised)
For GDPR: No
For Google: No (Advised)
Having an SSL Certificate gives confidence to your website visitors that you’re thinking of their online security. Not only that, but Google actively encourage security in web browsing, so they’re likely to look more favourably on your site (and present it with a higher ranking score) if you have an SSL Certificate.
You’ve probably guessed by now that we would, as a general rule, recommend an SSL Certificate for all websites. If you fit into any of the categories for which having an SSL Certificate is a requirement for compliance of the GDPR, you really need to start thinking about this now.
Of course, as a full service agency, we offer SSL Certificates. A couple of examples of our work includes Norfolk Broads Direct who take payments for their Broads boating holidays and cottages online, as well as Office Furniture Scene who are an online furniture retailer, and Grand UK Holidays who are a leading provider of coach holidays. Whether or not you choose Nu Image for your SSL upgrade, make sure you’re compliant once the GDPR comes into force as the fines could be truly business destroying.
Social Media Management