¿What is SSL and why you need this?

Basic minimum security necessary for your website and who visits it, knows more about this protocol, its importance and how much it affects your website.

¿What is SSL and why you need this?

Have you noticed that some website at the address bar have a green lock and others don't? This small padlock means that your connection to this website is encrypted, so that all the information you enter in this site, is transported safely. This technology is called SSL (Secure Socket Layer).
Let's break up the matter a little, necessary, nothing new; but dangerously unknown to many.

Let's start with encryption

This is a process by which files or data of any kind, become completely illegible, thanks to an algorithm that messes them up; and an encryption key would be necessary; without it, this message is almost indecipherable. Cryptography, which comes from the Greek Kryptos, which means hidden, and graphé, which means writing; It is older than you think and has been used in art, science and now in technology. One of its main objectives is to achieve the confidentiality of messages. Early civilizations developed techniques for sending encrypted messages during military campaigns. So if the messenger was captured, the message he carried could never be discovered by the enemies.

The first known method of cryptography was in the fifth century BC, it was known as "Scytale", a method of transposition based on a cylinder that served as a key in which the message was rolled to encrypt and decrypt. There are many different, easy and difficult; Some of them have even changed the course of history, such as the famous machine Enigma, with which the Germans almost win the Second World War. It was like a typewriter, with adjustable rotors and plugs, which were configured to encrypt and decrypt messages; Thanks to it, all the German communication that was intercepted was intelligible to the allies. To overcome German ingenuity, it was necessary a contest with the best mathematicians of the time and thus, a new era began; the greatest advances in the field of cryptography as well as crypto analysis did not begin until then.

The Internet and communications

There are few inventions that transform societies, much less those that change the paradigms of humanity. One of the most emblematic it was the wheel and through the centuries there were several more that would promote social development.

However, in 1969 with the first connection of computers everything would be transformed suddenly. 50 years later we do not have to go into detail on how the Internet has changed the way humanity lives, today 40% of the world's population has access to the Internet and the number is growing rapidly.

When the first emails were sent, it was not thought about the repercussions that this would have on humanity, today we are increasingly dependent on technology, this makes us see another perspective of it, the security of data. If I need to send an email to a client with my proposal, very well refined and personal, I do not even think about it, I understand that this email will reach my client immediately and that only he will be able to see it, however, the latter Years, we have seen that privacy is not as present as we think. That is why the security protocols that are used to guarantee that the information reaches the receiver and remains confidential are very important.

I give you some examples, E-Commerce is an activity more and more present in our lives. It makes life easier for us with the fact that, with just with a phone, I can have the things I need at the door of my house. Now, I see something that I like to buy on Amazon and I do not get it in my country, I add my credit card to my Amazon account, I put the address and made my purchase, without asking me anything else, easy and fast. If you look at the top of the browser that you use, Amazon also has this green padlock; Many websites have these locks, your bank in its online version has one, if doesn't, be careful. This padlock represents that said website has SSL encryption, a secure transport for your data, either your information and credit card in your Amazon purchase, or a bank transfer that you made; guaranteeing, even if your information is intercepted, it will not be readable or usable by cyber criminals.

¿What is SSL and why do I need it for my web?

Having enough clear base points to proceed with the central theme, we can understand that an SSL certificate, provides a website with security through cryptographic protocols. These are indispensable for e-commerce sites, financial entities; the truth is any website that has a form where it collects information from its visitors, needs an SSL certificate. Google Chrome, browser that owns more than 66% of the market share of web browsers, marks you as "Not secure" if you do not have SSL certificate, in addition Google don't give you much relevance in the search results if you do not have one. It is a priority and very important to have an SSL certificate for your Web.

In 2014, according to CBS, 47% of American adults had their personal information hacked, mainly through the theft of data in large companies. These are some of the many reasons why Google, Firefox and others now request an SSL certificate as a priority.

There are many ways to obtain them and different types:

SSL Unique Domain: These certificates protect a single domain, that means it will work fine if you are configuring it in www.mydomain.com.

SSL Multidomain (SAN): These are known as SAN (Subjects Alternative Names), this means that this certificate will cover similar domains like mydomain.es, mydomain.net, mydomain.com, etc.

SSL WildCard: Wilcard SSL certificates unlimitedly cover all sub-domains in a single root domain or host name, in this case domains covered by domains like mydomain.com, blog.mydomain.com, shop.mydomain.com.

SSL Organization: This certificate authenticates the identity and information of an entire company. It is similar to the Single Domain but intended for content-based sites that do not need to secure electronic commerce.

Extended SSL EV: This type of certificate is the "safest" option since numerous validations have to be made to obtain it. It is identified at first glance with the address bar in green, the name of the company in said bar in most modern browsers. 

Advantages of having an SSL certificate on my website

The security of the data of your visitors is more than enough, but here is a few other advantages of using SSL certificate with your website:

  • Increase the security of your business since all the information between server and user, travels encrypted.
  • Improves SEO positioning, because Google with certain policies that applied some time ago now cataloges sites that do not have SSL certificate as "No secure" and gives them less relevance in search results.
  • Increase the confidence of your visitors, because with an SSL certificate, users will interact with your website in complete confidence.
  • Increase the number of visits, because to greater confidence, the return of visitors increases, therefore, visits and sales.
  • You certify your company, since the pishing (falsification of site identity) is increasing every day, it is necessary that you guarantee your client that they communicate with you and not with someone else.

With everything described above, an SSL certificate  will make your website a safe site for your visitors, Google will see you with better eyes, Chrome will give you your green padlock, the information of your customers travels safely; There are many advantages. From today to the point where technology is heading, SSL is already a web standard and perhaps the only way to check the validity of a website.

"One of the main cyber-risks is to think they don’t exist. Think data, but also business services integrity, awareness, customer experience, compliance, and reputation.”

Stéphane Nappo
Global Chief Information Security Officer at OVH