Identifying and Using Secure Websites

What is SSL?

SSL (Secure Sockets Layer) is a standard security protocol used to establish encrypted links between a web server and your browser for online communication. The use of SSL technology ensures that all data that is transmitted between the web server and the browser remains encrypted (or coded). 

Related image

 

When entering a website, you may notice the “http” and “https” that comes before the website address. An https site, also known as SSL, is more secure and is important when used to protect information that is flowing between the web server and your browser.

 

Image result for https vs http

Note:  Regarding our client websites that request user names and passwords:  Runbiz CMS forces the encryption of all passwords, even if the website does not have a SSL certification (HTTPS). 
 

 

How HTTPS (SSL) Works:

All secured websites must register and activate their SSL certificates through a certification authority, which verifies the legal identity of the company seeking the certificate and whether the applicant controls the domain mentioned on the certificate.


The web user asks the browser to make a secure connection to a website by typing the websites address into the browser. The users’ browser asks the websites’ server to identify itself by sending a copy of the SSL certification to the browser. The browser then checks the certificate to make sure that it is from a trusted and valid source, then will send a session key to the browser and the server to encrypt (code) the information that is transferred and an additional key to unencrypt the information upon arrival to the users’ browser and/or to the web server.

When is it beneficial for users to be on an HTTPS (SSL) Website:

  • The SSL certificate ensures that information, like credit card numbers or personally identifiable information, isn’t stolen during transmission.
  • The SSL certificate also assures the user of the legitimacy of the website.

How do you know if a site is secure?

• Secured with SSL

o https:// before the websites address


• Not Secured

o http:// before the website address



Is it safe to view a website that does not have the https:// (SSL certification)?

  • If you are using the website to transfer information such as credit card numbers, names, birthdays, addresses, or other types of personally identifiable information, then no, it is not safe to use.
  • If you are viewing public information, such as the news or a tournament’s baseball scores, then there is no need for the information to be secured and the site is safe to use.

 

Google’s New HTTPS (SSL) Policy:

In the near future, all websites that do not have an SSL(secure socket layer) certificate, will be subject to the following for all websites viewed in a Google internet browser:

1) If you do not have a SSL certificate for your site, you will start to see a "Not Secure" warning on the browser when people visit your site in a Chrome browser.

2) Google will start to prioritize search rankings based on if you have an SSL certificate. That means if someone is searching for your website, Google will not put you near the top if you do not have the certificate.

 

Starting in October of 2018, Runbiz is requiring all web clients to have SSL certificates for their website. Google has not posted an official date, but most blogs are saying that Google could make this switch as early as October of 2018. This could potentially hurt your business because Google is still the #1 search engine, as well as the #1 browser that consumers are using. After the SSL certificate is installed, you will see the following on your browser when people view your site.


 



RUN BUSINESS SOLUTIONS
PO BOX 51207 
Amarillo, Texas 
79159-1207

Great care has been taken in producing this compilation of resources. Citations are given as possible, but please know that this piece of work is from a collection of extraordinary minds.