‘Secure’ or ‘Not Secure’: Why You’re Seeing This Message Next to Your URL
October 31, 2018
Partner + Technical Director
3 min read
Google Chrome, Mozilla Firefox – many top-tiered web browsers have recently installed a security feature that checks for SSL Certificates on websites and denies access to those who don’t have an active certification. You may have noticed this new feature right next to the URL, where a green, or red, padlock icon is displayed. This is an important step towards providing a more secure browsing environment for all internet users, and many other web browsers are stepping in line and following suit. We’d like to shed some light on what this new features means for the future of web browsing, and how it could affect your business online.
Understanding SSL Certificates
It’s important to first understand why these companies are implementing this feature. In a nutshell, SSL Certificates can do two things: verify domain ownership, and provide a secure link between a website and a visitor’s browser, ensuring that all data passed between the two remains private and secure. Google, and many other companies, are now screening websites for SSL Certifications. If a website has an active certification, these browsers will provide a green padlock icon in the URL. If it doesn’t, the browser will flag the website and provide a red warning symbol, along with the words ‘Not Secure.’ SSL Certificates dictate that a website has implemented an SSL encryption that will prevent hackers from stealing private information, like names, addresses, credit information, and so on:
- Authenticating Ownership through Validation. This process ensures that you are the true owner of your website, and not somebody who is pretending to be you. More often than not, this step is completed by responding to a Domain-Control-Validation (DCV) email. There are three levels of SSL validation, all of which work to verify domain ownership:
- Domain Validation (DV). This is the most basic level of validation, which certifies that you are the owner of your website. It signals to your browser that the website is spoken for, and maintained by who it says it’s maintained by.
- Organization Validation (OV). This takes validation a step further, offering a more in-depth verification process that will validate a website at an organizational level, detailing geographical information on your organization’s city, state, and country it is registered in.
- Extended Validation (EV). Going even further, extended validation will contain your organization’s legal name, and display it in green beside your URL.
- Maintaining data integrity. This protects the content uploaded and shared to your website, like page content, blogs, contact info.
- Encrypting data. This keeps all data transferred between you and your clients private.
- Boosting Search Engine Optimization. Google now favors websites that maintain an active SSL Certification, in an attempt to provide a good experience for it’s browsers.
This is an important step towards providing a more secure browsing environment for all internet users
What this means for your business
Any business storing and communicating private client information online should make security a priority, let alone any accounting firms. With more and more online security threats present each day, it’s becoming a critical part of building and maintaining trust as a professional business. More than a logo on a website, keeping an active, up-to-date SSL Certificate shows current and future clients that you are serious about keeping their information private and secure. Google is even beginning to favor websites in searches who are certified, choosing to display sites that they trust to their searchers. This is an important part of maintaining an online presence, and keeping your business as front and center as it possibly can be.
Many domain hosting companies offer a SSL certification process, whether it’s included in the contract terms, or it’s a separate offering. If your website host doesn’t offer certification, or can’t provide the level of validation you want/ need, it’s good to note that obtaining your SSL Certification from another source can be easy, and relatively inexpensive. We should note, however, that the best bargain lies within a company that includes certification as a part of their hosting service, ultimately bundling and providing you the right levels of security and trust that you and your customers need.
For any questions you may have about SSL certificates and/or how you can secure your own site, please feel free to contact me at 317-296-6439 or email at email@example.com.