To answer this question, we first need to talk about what an SSL is. SSL stands for Secure Socket Layer. Having an SSL Certificate on your website it is what provides the little padlock next to your domain name showing that the connection to your website is secure. Think of an SSL certificate like a firm handshake between the server that hosts your website and the computer/phone that the visitor is using to view the site. That firm handshake makes it so any information passed between the server and the computer/phone is secure. If you don’t have an SSL, that connection is more like a high-five. Lots of room for people (bots/hackers) to interject in between the connection.
When we first started out, we used to only recommend SSL connections for eCommerce sites. However, that all changed back in April of 2014 when Google announced that they were seeking to create a secure web and that sites with an SSL would have preferential treatment in the search results over those sites that were not secure. Now every site that we sell and host has an SSL, it is no longer an option.
What are the ramifications of not having an SSL on my website?
- "Not Secure" indicator - Chrome Browser (made by Google) has 66% of the browser market share worldwide. If you do not have an SSL, Chrome will mark your site as “Non-Secure”. All major browsers including Firefox and Safari are moving to a user interface that will warn users about insecure pages.
- Consumer distrust – I have received my fair share of notices saying my information had been part of a security breach. Seeing a “not secure” notice when I visit a site makes me a little less likely to want to complete any online transaction (even if it’s not monetary), create an online account or complete a contact form with that company.
- Lower search rankings – It is rare to have Google come right out and tell you one thing you can do to increase your search engine rankings, but they have with SSL. Google has said that they are using HTTPS as a ranking signal.
- Data loss and/or site hacking – the core function of an SSL is to protect your site data. Keep hackers out of your site (strong passwords help here too, more on that in a later blog) and keep your site communications private with an SSL.