DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

The Importance of Using an SSL Certificate on Your Website

Want to know more about the importance of an SSL certificate? Let's take a look at the reasons why you HAVE to have an SSL certificate installed on your site.

Jim Aron user avatar by
Jim Aron
·
Aug. 09, 18 · Analysis
Like (3)
Save
Tweet
Share
5.58K Views

Join the DZone community and get the full member experience.

Join For Free

As They Say in Chernobyl: SSL Isn’t a Choice, it’s a Lifestyle

Before I came to RapidSSLOnline.com, I had no idea what SSL even was or the purpose of using an SSL certificate on a website. In fact, when I heard the word certificate I started picturing diplomas and participation awards — not digital files. But, that’s just me — I’m a newspaperman in a digital apps world.

It took me some time to understand the nuances of SSL, and I’ll be the first to admit that I still have to look a few things up. There are a lot of moving parts; a lot is going on under the hood. And, none of that is germane to what we’re about to talk about.

Today, we’re going to talk about why we use SSL on websites. To make this more digestible, let’s break this into two categories:

  • Why you SHOULD have SSL
  • Why you HAVE TO have SSL

Because it’s no longer optional. I mean, I guess it is, but it’s like a driver’s license, while you can operate a car without one, it’s going to get you into trouble when the right people find out.

Anyway, we’ll get to that in a few moments. First, let’s start with why you SHOULD have SSL.

Why You SHOULD Have SSL

An SSL Certificate is a digital file that facilitates encryption between a web server and a web host. It prevents your communication from being intercepted or manipulated by eavesdropping third parties.

Now, why is this important? Well, think about the things that get communicated across the Internet on a regular basis — everything from login credentials to banking info. There’s a lot of sensitive information out there. If you’re collecting any of it, you need SSL to secure it. Otherwise, all that information can be stolen. Many industries, like the Payment Card Industry, mandate SSL to be used for that exact reason — it secures sensitive data in transit.

But, even if you’re not collecting personal information, SSL is still a good call. By serving your website over HTTPS, you gain access to advanced browser features, HTTP/2, and avoid browser warnings.

You can also block content injection, which means that ISPs can’t steal your ad revenues by injecting their own ads.

It’s also worth mentioning that higher value SSL certificates (OV and EV) can also supply verified business information that helps keep your customers safe from phishing.

Why You HAVE TO Have SSL

Now, let’s flip things over and talk about why you’re being required to add SSL encryption. The browser community, the bossy group that they are, has started an industry-wide push for universal encryption.

Why do we care what the browsers think? Well, because it turns out they wield quite a bit of power on the internet. Don’t believe me? Try to use the Internet without your browser. You can’t! 99.9 percent of the population would be lost without their browser.

This positions the browsers between users and the websites that populate the Internet. Now, if you’re running a website and you want customers, visitors, patrons, subscribers – whatever you call your target audience – to visit, then you need a browser to bring them to you. Owning a website that can’t be reached by browsers is like being a landlord in Chernobyl — nobody’s ever going to see all that hard work.

The browsers are moving to mandate encryption, and they’re doing this with warnings of increasing severity. It started in January of 2017 when websites with insecure password fields were marked as “Not Secure.” And, it’s going to continue ramping up until any website without SSL is labeled “Not Secure.”

Think about that. Who’s going to come to your website against Google’s suggestion? It’s Google. When is Google wrong? Need to know how tall Brad Pitt is? Google knows. Need to know where to buy YooHoo? Google knows. So, why wouldn’t Google know about this? People trust Google. And, if Google tells them you’re a bad boy, they’re not going to ignore that. It’s also worth mentioning that, unlike the bad boys from high school, bad boy websites don’t get much action.

Let’s Wrap This Up

Let’s review what we’ve learned:

  • SSL Certificates encrypt communication between websites and their visitors
  • Without encryption, all communication can be intercepted or manipulated
  • Many industries, like the Payment Card and Healthcare industries, mandate SSL
  • Any website that collects personal information needs an SSL certificate

Remember, SSL isn’t just a choice anymore. It’s mandatory. But, that’s not the only reason you need encryption. It truly is an Internet security best practice at this point. In an age when personal privacy is being emphasized more than ever, being able to secure information in transit is integral to your website’s success. And, being marked “Not Secure” by Google is tantamount to its failure.

Don’t let Google Chernobyl your website. Get SSL.

Stay cautious, my friends.

Google (verb) IT

Published at DZone with permission of Jim Aron. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Unlocking the Power of Polymorphism in JavaScript: A Deep Dive
  • How To Generate Code Coverage Report Using JaCoCo-Maven Plugin
  • Spring Boot Docker Best Practices
  • Project Hygiene

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: