Do you need an SSL certificate?

 on Minggu, 15 September 2013  


If you are reading this article, I hope that you are familiar with what an SSL certificate is. If not, read the article What is SSL?
Online Transaction

When is SSL Important?

You should be using SSL whenever you transfer sensitive/private data over the Internet. The obvious example of this is if you own an ecommerce site or bank (I highly doubt that a bank will be reading this post). Some people go a bit over the top and won’t even enter their name into a website unless the connection is secure. In reality, you need to put yourself in the shoes of the consumer. Could they afford the details provided to your site to be intercepted? In the case of a postal address this is probably tolerable but not their bank details.

Trust

The key to your decision is whether the consumer will trust your website. Having an SSL certificate is one small part of building the consumer’s trust. The average consumer probably won’t have heard of SSL but they know that a padlock appearing next to a site is good.

Don’t rely on SSL

It is important to remember that SSL doesn’t actually secure your website, only communications to and from it. You should always follow industry standards when storing personal information and comply with any laws when storing payment details. SSL will not protect you if:
  1. The server is attacked directly – therefore always follow best practices and make sure all software is up to date.
  2. The user’s computer is attacked directly - a virus on your user’s computer can steal personal information before it reaches the Internet. To overcome this, use good anti-virus software.

Should I use SSL if I don’t need it?

No, SSL has a number of disadvantages if it is not required.
  1. Speed – Using an SSL connection is slower as all data needs to be encrypted and decrypted putting extra strain on the web server. SSL not only secures sensitive data it will need to secure everything on the page. This includes images and style sheets that don’t need to be encrypted.
  2. Administrative burden – SSL certificates aren’t free and need to be renewed on a regular basis (usually annually). Some types of SSL certificates require additional paperwork to verify a website’s identity and sometimes the company’s identity. They also require a dedicated IP address which will likely be at an additional cost from your web host.
Hopefully you now understand that SSL certificates can be essential for some applications but are best avoided when not required. Make sure you remember that SSL isn’t the only type of security you should think about and always follow best practices for storing personal information.


Do you need an SSL certificate? 4.5 5 Unknown Minggu, 15 September 2013 If you are reading this article, I hope that you are familiar with what an SSL certificate is. If not, read the article  What is SSL ? When ...


Tidak ada komentar:

Posting Komentar

Diberdayakan oleh Blogger.