As a small business owner or as a startup eCommerce site, saving money and limiting cash output until the website is making money is often a priority. Some things you may be able to save money on such as using a free template to design your site on your own or even choosing a low-cost web hosting service.
Some issues you may be tempted to cut out or put off until the site is fully operational and bringing in profit. If one of those issues is the purchase and installation of an SSL certificate, you may want to stop and think again.
The trick in deciding if SSL (Secure Socket Layers) is a need for your business is really all about what you want with your site. However, before going down this line of thinking, it is important to be clear on what SSL, which may also be marketed at TLS (Transport Layer Security) is really all about.
At its basics, this is the universally accepted method to provide data encryption and security between a web server and a browser. This is done through the server the website points to and interacts with.
Through a Certificate Signing Request, you will generate the necessary text as well as a private key file. The private key remains private; you will never share it with anyone, including your Certificate Authority. However, you will send your Certificate Signing Request with your application and payment to obtain the installation files to turn your HTTP website into a secure https site.
There are different types of SSL certificates. There are also different levels of validation or verification that the Certificate Authority (CA) completes. The most basic level is the domain validation, which ensures you are the authority for the website. Organizational validation provides more depth, including validating or verifying the existence of the organization or individual that has made the application.
The most advanced level of SSL certificate is the EV SSL certificate. EV stands for extended validation, and it provides a rigorous verification of the domain and organizational levels as well as verification of the status of the business or company associated with the certificate.
Types of SSL Certificates
In addition to the different levels of validation, there are also specialized types of certificates. These can range from an SSL product to provide security to a single domain to a multi-domain certificate that can protect multiple domains and subdomains.
A closer look at these can help you to see how they fit within your website design and structure:
- Basic – a basic certificate can be offered at the domain or organization level. It will protect a single domain such as www.mycompany.org. It will offer the iconic padlock, and most of the top CAs will also offer a site seal for use on the website. These are a good option when you have a small website and use only one URL or domain across the entire site.
- EV SSL – for a single domain the EV SSL provides the full green address bar and the display of the CA and the business name in the address bar by the padlock. This is the highest level and ideal for websites with a need for full customer assurance and trust. Most of the top eCommerce sites, financial sites and sites obtaining sensitive information from clients use this option.
- Wildcard SSL certificate – this is a certificate to secure the main domain and all associated subdomains. This is a very cost effective option for medium to large websites when you want to be able to have different subdomains all secured.
- Multi-domain certificates – this is the ideal certificate when you have multiple websites with different Fully Qualified Domain Names and their associated subdomains. While the wildcard is only available to the organization validation, the multi-domain is available at the EV level.
This also includes asking customers to sign up a newsletter, upload a photo or even post comments. Generally, unless the viewers will do nothing other than reading the information on the website, the use of SSL technology is the only way to address online business cyber security issues.
Full Site or Just Specific Pages
With the different options in SSL certificates on the market today, choosing to secure your full site with a multi-domain or a wildcard SSL certainly has advantages.
It allows you to show your concern for online customer security from every page of your site, including the landing pages. It also lets you have signup boxes or expand the areas of the site where customers can interact without any restrictions.
Businesses that use SSL across the entire site tend to have lower bounce rates and fewer abandoned shopping carts. This can all translate into increased sales, easily covering the cost of the technology while providing trust and confidence in your growing online business.
This article is written by Vivek Ram. He is a Technical Blog Writer from Instant SSL by Comodo. He writes about information security, focusing on web security, operating system security and endpoint protection systems.