Websites can transmit a lot of sensitive information during a typical browsing session. Consider what you share online every day: your email address, mailing address, phone number, credit card info, even your login credentials. That’s a substantial amount of information you don’t want falling into the wrong hands! The secret to keeping your and your visitors’ info safe lies in SSL (Secure Sockets Layer) certificates. Learn what SSL certificates are, which websites need one, and what else you need to do to protect yourself and your visitors.
Gamers and music lovers alike may want to reset their passwords after reading the latest headlines. Last week, gaming client Steam announced they had found, and fixed, a severe security flaw that left local systems vulnerable for the past 10 years. The vulnerability would have allowed cybercriminals to infect any of its 15 million users with malware. A few days earlier, ticket distribution website Ticketfly fell victim to a cyberattack. The cybercriminal responsible defaced the website and claims to have a file of user and customer information taken from its database.
Would you do business with a company you don’t trust? Believe the words or intentions of someone who seems deceptive? How about confide in someone you don’t know very well?
The obvious answer is no. Trust is one of the most important factors in any relationship, whether it be personal or professional. Despite this, only 22 percent of brands are trusted.
As a website owner, it is critical your visitors trust your website—otherwise they’ll leave and may not return. After all, it only takes users 50 milliseconds to form a first impression of a website, a very short window to prove credibility.
As a startup, your website is critical to your success: it’s the face of your business and likely your primary channel for revenue and lead generation. However, your website and your business are put at risk every day by an unseen threat: cyberattacks.
The average website experiences 59 attacks every day, any of which could result in stolen customer data, blacklisting by search engines, or suspension by your web host. A successful attack on your site could also impact revenue, tarnish your reputation, and degrade customer loyalty. To protect against a possible cyberattack and mitigate the consequences it could have on your business, you’ll need to invest in website security.
Over the last year I’ve led a multitude of security workshops aimed to educate entry-level WordPress users about website security. Some of the questions I regularly field in these workshops are related to the mechanics of SSL certificates, and their role in protecting website data from prying eyes. As you may know, the installation of an SSL certificate on a web server allows the server to accept traffic on the hypertext transfer protocol (secure), or simply ‘HTTPS,’ the primary form of encrypted data transfer between websites and visitors. I’d like to share the answers to some of the most frequently asked questions I’ve had on the subject.
HTTPS and SSL Certificates
The first thing I’d like to clarify on the subject of HTTPS and SSL certificates specifically is that the use of SSL certificates and HTTPS do not in any way, shape, or form protect the data on your website itself. HTTPS encrypts data in transit only. Neither does it protect data resting on visitors’ computers. You should consider HTTPS the armored truck of websites, not the bank vault. It acts as the protection against adversaries while data travels from point ‘A’ to point ‘B’.
Talking about cybersecurity is equivalent to addressing the elephant in the room. It needs to be addressed, but the issue often gets pushed to the backburner. Studies show that 70 percent of Americans shop online at least once a month. However, over 30 percent of consumers say they hesitate to make those purchases due to security concerns, like credit card data theft.
As an online retailer, it is time to address the elephant in the room by addressing your customers’ fears. To get you started, we cover four basic—yet essential—website security tips to protect your eCommerce site.