SSL, chances are that you’ve heard that term thrown around a bit, but what does it actually mean and what is an SSL certificate?
SSL stands for secure sockets layer and in essence what an SSL certificate guarantees is that the website you’re on is a trusted website. Look at your browser, do you see the little padlock in the top left? This means that this website is secure – it’s encrypted using HTTPS and has an SSL certificate.
Perhaps when you’ve been browsing, you may have noticed that most sites start with HTTPS, but some just with HTTP? The ‘S’ in HTTPS stands for secure, what this means is that that website is secure and any information divulged will be encrypted. If a website’s URL begins with HTTPS, then you know that it has a SSL certificate.
SSL certificates are quite a big deal.
If we break it down into layman’s terms, a site with a SSL certificate gives you peace of mind that whatever information you fill out on that site will be encrypted. A popular way for hackers to gain access to your sensitive information is to intercept whatever data you’re sending to a website.
For example, you fill out payment details on a site without an SSL certificate and send it. Prior to this, a hacker has installed software on the server hosting the website so whenever information is sent, they are privy to it and can see everything you have sent. This is known as a ‘man-in-the-middle’ attack and is more common that you might imagine.
If you’re filling out payment details on a site with an SSL certificate you can be assured that your data will be secured. Not because it stops the man-in-the-middle attacks, but because the information the man-in-the-middle receives is encrypted and therefore useless.
Generally speaking, an SSL certificate won’t slow down a website but it will guarantee the security of whatever data you choose to send. This is why it’s particularly important to ensure that there’s always a padlock in your browser when you’re sending credit or debit card data.
Not all SSL certificates are born equal, there’s various ones. Here’s how they differ.
Extended Validation SSL Certificate
This type of certificate is the daddy of SSL certificates. It shows the full URL and the aforementioned padlock. This type of certification is the most expensive to acquire but it is vitally important for websites which deal with sensitive data such as payment details i.e. e-commerce websites. Here is a good example of a secure web development and marketing website URL.
Organisation or OV certificates offer a medium level of security and with it, a medium level price point. A website with an OV certificate would have a green padlock in the browser. It’s ideal for websites which do receive data from its users, but not that of a sensitive nature.
This SSL certificate offers low-level protection, it is very quick and simple to receive a domain validation – therefore the price tag is lower than that of an extended validation certificate. It’s an acceptable level of security, but unlike the previous certificates, a site with the SSL certification will not be able to see who is receiving sent and received encrypted data.
Wildcard certification, sounds rather enticing and gives both user and site owner peace of mind that their data is encrypted. This type of SSL certificate is valid for only one domain and subsequent subdomains. However, it remains a popular choice for those who do not deal with sensitive data such as payment details.
Finally, we have the also rans, unified communications, and single domain SSL certificate. Further information can be found on them by following the link.
Concerned about your website security? Chat to Panda I.T. about your website hosting, we can help. Call us on 03333 660 200.