SSL Security

What is SSL and why is it Important?

SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.

When you land on a website page that has a form, after that form is filled-in and you hit ‘submit’, the information you just entered can be intercepted by a hacker on an unsecure website.  This information could be anything from details on a bank transaction, to high-level information you enter to register for an offer. In hacker lingo, this “interception” is often referred to as a “man-in-the-middle attack.” The actual attack can happen in a number of ways, but one of the most common is this: A hacker places a small, undetected listening program on the server hosting a website. That program waits in the background until a visitor starts typing information on the website, and it will activate to start capturing the information and then send it back to the hacker. Scary stuff that is no longer just is sci-fi movies.

But when you visit a website that’s encrypted with SSL, your browser will form a connection with the webserver, look at the SSL certificate, and then bind together your browser and the server. This binding connection is secure so that no one besides you and the website you’re submitting the information to can see or access what you type into your browser.

This connection happens instantly, and in fact many suggest is now faster than connecting to an unsecure website. You simply have to visit a website with SSL, and voila: Your connection will automatically be secured.

Benefits of SSL to Your Content

certified-partners-icon.svg

Trust is the foundation of a your relationship with your visitors and customers. With SSL enabled you can build trust with people visiting your site, and ensure their information is safe. The visual cues on an SSL-enabled website clearly show the visitor that you value their safety and are protecting their information from potential hackers.

exposure-icon.svg

Increased visibility in search results. Google now factors SSL into its algorithm and has publically stated that a website with SSL enabled may outrank another site without SSL.

beta-integrators-icon.svg

Peace of mind. DTES Web & Directory Services Solution is to provide all clients with a free standard SSL service from Let’s Encyrpt to ensures security. This means you can spend more time on your marketing and less time worrying about potential security incidents.

 

Let’s Encyprt (DV) Certificate

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.

The key principles behind Let’s Encrypt are:

  • Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

We have a page with more detailed information about how the Let’s Encrypt CA works.

  • Validation of the registered domain
  • 2,048-bit RSA Signature Key
  • Up to 256-bit Encryption strength
  • HTTPS connections
  • Removes the “Not Secure” browser warning

 

Is Let’s Encrypt Good Enough for My Site?

First of all we need to understdand Validation Levels of SSL certificates.

There are actually several different types of SSL certificates, which vary based on the level of validation they provide. The three main options are Domain Validation (DV), Organization Validation (OV) and Extended Validation (EV) certificates. Each offers a higher level of security than the last, and requires a more comprehensive vetting process.

Currently, Let’s Encrypt only offers DV certificates. While this may be enough for smaller and more personal sites, larger business and e-commerce sites often require a higher level of validation. Sites that are secured with OV and EV certificates are also more often displayed as secure in browsers, which as we mentioned is vital for improving visitor confidence in your site.

Which Type of SSL Certificate Should You Choose for Your Site?

Ultimately, your decision will come down to the individual needs of your site, as well as your budget. If the site you are looking to secure with an SSL certificate is a part of your business, it’s worth looking into paid options with higher levels of validation. The extra layer of security will reassure potential customers, benefit your search engine rankings, and protect sensitive user and customer data.

That’s not to say Let’s Encrypt is a poor option. In fact, it’s backed by some of the world’s largest companies – including Facebook, Mozilla, and Google. At the same time, if you feel you need to have an OV or EV certificate we can help you with that and offer compeitive prices on certificates from other well respected .

With that said, while Let’s Encrypt will provide protection if your site accepts credit card or other confidential information, you may want an EV SSL certificate to enable the green address bar. Let’s Encrypt, as a free ssl, doesn’t support this feature.  Feel free to ask for our advise on this matter for your site.