Site Security

We are all hearing more and more news stories about cyber-security breaches, criminals stealing data, hacking websites, identity theft, etc. The Internet is simply not that safe and it is scary.

That’s why several clients have recently asked me about adding server security (SSL) to their websites. This is the feature some of you may already be familiar with where you see the little ‘s’ in the website URL protocol. That is, instead of the commonly seen ‘http,’ you would see ‘https’ at the start of the web address in the browser. What that little ‘s’ after ‘http’ means is you have a wall between your website files and the Internet. The result is that it is much more difficult for hackers to get into your website files.

To get technical for a moment, an SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private. It is not foolproof, but it goes a long way toward protecting sites from cyber attacks.

This level of security is especially important for anyone conducting financial transactions of any kind over the Internet. For example if you have a form for your customers to register for a class and pay for it online, you are conducting a financial transaction in cyberspace. But even simple text forms are at risk. Transmission of any data on an unsecured site (names, addresses, phone numbers, etc.) can be stolen. SSL encrypts the data, so thieves can’t use it. Almost all large vendors selling almost anything online or collecting text data online now use a secure server. And lately, we are seeing smaller sites add this feature as well.

Another important reason to add that little ‘s’ is we know that Google will start flagging interactive sites without an SSL certificate, as soon as the end of 2017. Visitors going to such sites from Google can expect to see a message in the URL bar that says ‘Not Secure.’ Also, Google will likely accord more value and thus a higher search ranking to sites that have this security feature.

An SSL certificate is not free. Depending on the site and the hosting company, they can cost from $50-to-$150 per year. And for larger, more complex sites, they can be as much as $600/yr. But for most of my clients, the cost will be under $100 annually. Although not an absolute requirement for everyone (at least not yet), we recommend that all our clients make this change, if they have not already done so. Just call or write us and we’ll take care of it for you.