SSL is the security technology which ensures an encrypted link between a web server and a browser. This secure link makes sure that all data that passes between the server and browser remains private. How do you know if you have SSL encryption on your site? Simply check the address bar in your browser to see if the url begins with https (the s at the end is the vital bit, standing for secure):
You might also notice from the little screenshot example above (taken from Chrome), that urls are clearly marked as secure with a padlock icon. Since the end of October 2017, Google has further increased its efforts to ensure all websites are running under the HTTPS protocol, by beginning to label insecure pages with clickable informational alerts. These let the user know that a site has not been secured. Google has also, since the end of October, begun clearly labelling all non-HTTPS Chrome incognito browser sessions as “Not secure”.
Aside from the critical encryption benefits of ensuring your site uses HTTPS (vital if you have any kind of financial transactions going on via your site, not to mention the use of, or creation of passwords and user accounts), HTTPS is also considered by Google to be a ranking signal. Way back (!) in 2014 when Google first announced this, they were quoted as saying “we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.”
To properly encrypt your site with the HTTPS protocol, you need to purchase an SSL (Secure Sockets Layer) certificate. When installed on a web server, the certificate activates the padlock icon in your browser and the https protocol, allowing secure connections from a web server to a browser. Most companies offering SSL certificates offer them in a variety of “flavours” with the ability to protect, single or multiple domains as well as offering slightly differing levels of encryption and warranties.
So, don’t delay. If your small business website is not yet using HTTPS (especially if your site deals with sensitive information such as passwords and credit card details), get it now and secure your website.