What is SSL Encryption and Should You Have It?

Warning: The following post contains jargon in the form of what I like to refer to as “letter salad.” I’ve done my best to minimize and/or explain the letter salad or at least sprinkle it with large amounts of ranch dressing and bacon. If at any time you feel lost, just take a deep breath and think about bacon and you’ll be fine.

Do Your Customers Trust You? Should They?

There’s a famous saying from networking and referral expert, Bob Burg, “people do business with people they know, like, and trust.”

Your customers trust you. Your customers think their information is secure, but if your website’s address begins with the letters, HTTP, anyone can see everything that happens on it. That means whenever a new or existing customer visits your website, including when they type personal information into a form on your website like their address, their phone number, or their credit card number, that information can not only be seen, it can be stolen by criminals who will then sell the information to other criminals.

Ssl Encryption Blog Graphic

Data Security and Hacks a Growing Concern (Think Equifax)

Remember the Equifax hack this past summer? During that attack, hackers were able to exploit a vulnerability in what should’ve been a secure server and get away with nearly 150 million people’s personal information, including social security numbers. Before the news of the easily preventable security breach, you probably trusted Equifax and assumed if anybody has a secure website, it would be a company responsible for storing the private financial data of just about every adult in the United States. But how do you feel about Equifax now? Did you sign up for their free data protection after you heard about the easily preventable data theft? What about after they asked for 6 digits of your social security number in order to sign up?

While the Equifax hack might not have been due to lack of encryption, it does illustrate the impact a security thread – real or otherwise – can have on consumer’s perception of a business.

85% of Consumers Won’t Stay on an Unsecured Website

Now let’s get back to your business. Whether your website has ever been hacked or not, what do you think will happen if your customers find out your website and their private information is vulnerable?

I’ll tell you what will happen. Your customers won’t trust you. If your customers don’t trust you, they’re going to stop doing business with you and probably tell their friends and family not to do business with you too, and by friends and family, I mean all 600 of them on Facebook.

Potential customers won’t want to visit your website let alone your business. In fact, in a recent study from Hubspot, as many as 85% of consumers won’t stay on a website if a site is not secure. That’s why if you don’t want to lose valuable customers and miss out on growing your business, you can’t afford to ignore the security of your small business website.

Thanks to Chrome, No Unsecured Website Will Go Unnoticed

As it turns out, it’s more important than ever to make sure your website and your customer’s data are secure. Why? Because if you don’t, Google Chrome will warn your customers that your site isn’t secure. Plus Google will soon release Chrome 62, their newest version of their popular browser. Nearly 50% of people use Google’s browser and Chrome 62 will tell users a page isn’t secure if it has a form on it, if that page doesn’t have something called SSL enabled. And by form, we mean any form, even if you don’t ask for credit card numbers.

You Can Protect Your Customer’s Information with SSL

However, there is something you can do to protect your customer’s information and your business. You can serve your website over HTTPS. Oh yeah, this part has a fair amount of letter salad so just picture bacon and/or ranch dressing if your brain starts to spin because this stuff is important to the survival of your business and you need to pay attention if you want your customers to continue to trust you.

Ssl Graphic

What does HTTPS Mean? How Does it Work?

What is HTTPS? HTTPS stands for HyperText Transfer Protocol Secure. HTTPS provides your website with a unique scrambled connection – this limits its vulnerability and means it’s protected in case of an attack.

How does HTTPS work? It works because of something called a Secure Sockets Layer, or SSL. SSL is the technology that establishes an encrypted link between your website & your customer’s browser. SSL is what keeps your customer’s data private. You might also see this security technology called TLS (Transport Layer Security). They’re both referring to the same salad flavor. It’s not important why there are two different names for the same thing. Just go with it because they really are the same.

OK, now take a deep breath, maybe even go sniff some bacon or eat a few pieces of pepperoni pizza dipped in ranch dressing because this next part is what tends to make people’s heads spin. But I’ll do my best to make it as painless as possible.

How Does an SSL Make Your Website More Secure?

How does SSL work? So basically when a person visits your website from their computer at home it’s as if their computer is having a conversation with your website’s server. Think of the server like it’s an apartment building where your website lives. So if your apartment building has no security, anybody can just come inside, see everything and take whatever they want even before it arrives. But if your apartment building – your web server – is secure, it means it has something called an SSL certificate.

Still with me? An SSL certificate is kind of, sort of like a key. This key lets your customer’s browser on their computer know that your website is secure and that any information they type into your website, including things like their address, phone number, and credit card number, won’t be stolen.

How Your Browser and Website Server Communicate

“Ok wait a minute? How does this key or SSL certificate, or whatchamacallit work?” you probably were just about to ask, except your mouth is full of pizza or bacon or even bacon pizza.

If you have good manners, and your hands aren’t covered in bacon grease or ranch dressing, when you first meet someone, you probably shake hands. Well, it might surprise you, but when your customer’s browser needs to “talk” or connect to your website, they also shake hands. No really, I’m serious, the process is actually called a “handshake.”

So when your website is secured by SSL, your customer’s browser and your website server connect using an SSL Handshake. This SSL handshake is what creates the secure connection. It works like a sort of instantaneous conversation where your customer’s browser checks to see if your website has an SSL Certificate and is therefore secure, then sends back a session key which encrypts any data exchanged between your customer and your website.

Picture it like those meetings on a park bench in spy movies. Our two characters’ code names are Nervous Customer and Small Business Website.

  • Nervous Customer: Identify yourself.
  • Small Business Website: Here’s my SSL Certificate.
  • Nervous Customer: Ok, everything looks good. Here’s the key.
  • Small Business Website: Great, I’m reading key now. Our meeting is scrambled, secret, and safe and on the key. Sending it back now.

This key exchange is invisible and instant. But your customer will know it occurred because Google will display a small green lock and the word “Secure” then the letters HTTPS before your website address. If their browser got no SSL certificate from your website’s server or the SSL certificate was no good, Google Chrome would display the warning we told you about before we started feeding you all this letter salad.

Shutterstock 410127688 (1)

Why it All Matters to Your Small Business

Now that you’ve survived all this letter salad, even if you can’t digest it, the important thing to remember is that if your small business website isn’t secure, Google’s browser will warn your customers that their data isn’t secure and that will damage your reputation and you’ll lose the trust of your customers and your business will suffer.

But the good news is, you can still make your website secure by using SSL encryption on your site. That way your customer’s information will be secure and hidden from hackers and other criminals. In turn, your customers will continue you trust you and tell their family and friends they can trust you too.

If you have any questions about SSL, HTTPS, and any other letter salad, or whether your web server has an SSL certificate, leave me a comment below or contact us here at BizIQ. SSL can be complicated, but we can help.

Now go ahead and eat some bacon. You’ve earned it.