2. 10 Reasons of 2016
ProvesCMSWebsite
Needs anSSLCertificate
You’ve chosen your layout, designed graphics,
generated content and your CMS website is ready to
go live—but first you need to make decisions about
securing it.This is where things hit a snag.
3. What type of security do you need? What do things
like firewalls and secure socket layers even do?
If you’re working for a larger company – one that has
out-sourced the building of the website or has a
specialized team in place to work on it – chances are
someone else has already made these informed
decisions. It’s also likely you’re not using a CMS.
But if you’re a small business or sole proprietor, you
may have some serious questions about how to secure
your CMS website.
In this article we’ll look take a look at Secure Socket
Layers (SSL) and talk about ten reasons you need to
invest in an SSL certificate for your CMS site.
4. What isSSL?
SSL is one component of web security. While it’s
absolutely crucial that you have a working SSL
certificate, it’s worth noting that SSL alone will not
secure your entire site.
What SSL does is encrypts data in transit. When a
visitor comes to your website a connection is made
between their computer and the server your site is
hosted on. The two then begin open communication –
sending packets of information back and forth – that
are at risk of being stolen or intercepted by third
parties. SSL removes that risk by encrypting that
information.
6. CMSsitesareconstantlythetargetofhacking
Content Management Systems or CMS, are one of the
most popular methods for running a website. And of
CMS sites, 75% are on the platforms WordPress,
Joomla, Magento, or Drupal. You might think these
companies would offer some sort of security given
their size and prevalence—you would be wrong. In
fact, these websites are open source and free to use,
making them prime targets for cyber criminals. It’s
not even that hard to hack a CMS site in most cases,
given that they’re open source and largely unsecured.
That’s why it’s extremely important to have multiple
security solutions protecting your CMS website—SSL
chief among them.
7. Manybelievetheentirewebshouldbe
encrypted
Chances are you’ve heard of Edward Snowden. If you
haven’t, we’ll skip the history lesson and simply say that
his actions brought a newfound level of awareness to
privacy on the internet. On the unsecured web, anyone can
– for lack of a better way to put it – spy on you. They can
see what information your computer is sending and
receiving, which gives them insight into what you’re
looking at, who you’re talking to and it might even give
them some of your personal information. Because of this, a
growing movement has emerged that wants to encrypt
everything on the internet in order to protect the privacy of
the individuals using it. It’s a vocal group that, regardless of
your website’s purpose, you don’t want to run afoul of.
8. You’llneedoneifyourwebsiteletsuserslogin
If your website features an option to allow users to log in,
then it’s absolutely essential that you have an SSL
certificate. Think about it, how many usernames and
passwords do you have? Do you have unique ones for each
and every site you visit? Or are you like the vast majority of
internet users and you reuse usernames and passwords at
multiple sites? Chances are, you use that information in
more places than one.
9. You’llneedoneifyourwebsiteletsuserslogin
Now think about this: many of your site’s visitors are likely
in the same boat? Without encryption you’re asking them
to send their username and password unsecured across the
internet where it can be easily stolen. Without an SSL
certificate, a cyber criminal could easily gain access to that
information and then attempt to use it, not just at your site
but at others—like financial institutions or other e-
commerce sites.That’s a risk you can’t afford to take.
10. You’llneedoneifyourwebsitehasemail
Does your website have an email function? If it does then
you really need to encrypt your site. In addition to the login
details that are required to gain access to email – details
that, as we just discussed, are incredibly sensitive – you
also have the potential for a malicious third party to
intercept entire emails if your mail server isn’t encrypted.
And simple SSL encryption isn’t enough in this case, to
truly secure an email server you’ll need an e-mail signing
certificate as well (think of it as a specialized email SSL). It
may seem like a lot, but it’s really essential.
11. You’llneedoneifyourwebsitehasemail
Can you imagine the dangers of allowing emails originating
from your email server to be unsecured? Everything, from
the content of the emails themselves down to personal
information like names and phone numbers in an email’s
signature, would be at risk. As the late Johnny Cochran
once said, “if the data’s at risk, you must encrypt.”
Actually, the real quote was about ill-fitting gloves and
acquittal but you get the over-arching idea: if there’s any
potential risk of sensitive data being stolen, play it safe and
encrypt it.
12. You’llneedoneifyou’recollectinganykindof
personalinformation
Even if you don’t plan on letting users log in or having
email functionality, if your site is accepting any kind of
personal information at all—you need to encrypt. Even
something as seemingly innocuous as a comment sections
can be a vulnerability if you’re asking users to supply a
name, an email address or any other kind of identifying
information.
13. You’llneedoneifyou’recollectinganykindof
personalinformation
All of your users’ personal information needs to be
considered sacred—you have to protect all of it. You are not
the arbiter of what is and is not important information. So,
it’s best to just cover yourself and encrypt if your website is
taking any kind of personal information from its visitors.
Depending on your needs there are some very inexpensive
certificates that will help you to secure your site while
setting your visitors’ minds at ease.
14. You’llDEFINITELYneedoneifyou’rerunningan
E-commercesite
This will likely be the shortest section in this article. Do you
plan on selling things online? If you do, then you absolutely
must get an SSL certificate. To run an e-commerce
business, you will require your customers to give you
pertinent information like their name, their address,
possibly a phone number and most definitely their
payment information. All of this would be extremely
harmful to said customer – as well as to your company’s
reputation – were it to be compromised. Don’t let that
happen, if you’re running an e-commerce business—get
SSL
15. SSLCertificatesinspiretrust
Depending on the type of certificate you purchase, there
are different trust indicators that will appear on your
website. There are three types of certificate. Domain
Validated (DV), which require you to simply prove
ownership of your domain, are the most accessible and a
great solution for non-e-commerce sites. Organization
Validated (OV), which require you to authenticate your
organization, are a solid intermediate choice. Both DV and
OV come with a green HTTPS and padlock in your address
bar. Then there is a third level, Extended Validation, which
requires a more rigorous authentication process, that turns
the whole address bar green and displays the
organization’s name. All of these symbols are instantly
recognizable, synonymous with security and will inspire
trust in your visitors.
16. SSLCertificatesshowyoucareaboutyour
visitors’privacy
As we’ve already covered, your users’ personal information
should be considered sacred. Chances are they certainly
look at it that way. Nobody wants to have their
information stolen and nobody will come to your website if
they think there’s a risk of that happening. That’s why
those trust indicators – HTTPS, the padlock and the green
address bar – are so important. Not only do they inspire
trust, they show your website’s visitors that you care about
keeping their information safe too. In fact, you care so
much that you’ve made an investment to protect their
privacy and give them peace of mind.
17. SSLCertificatesimproveconversions
It is statistically proven that SSL, particularly the Extended
Validation level of SSL, improves the rate of conversions on
your e-commerce site. The more a customer trusts you, the
more they are willing to give you their business. Extended
Validation SSL Certificates require your company to go
through an extensive authentication process (don’t let that
scare you away, it’s simple as long as you have your
registration information up to date), but, in turn, it makes
your visitors’ address bar green and displays your
organization’s name in it.
18. SSLCertificatesimproveconversions
This proves to the user that not only is the communication
with your site encrypted, but you are who you say you are
and that has been verified by a trusted Certificate
Authority (CA). This creates the highest possible level of
consumer trust and significantly raises your conversion
rate. If you’re running an e-commerce business, that’s one
benefit of SSL that makes it less of a cost and more of an
investment.
19. SSLCertificatesCanShowYou’reCredible
As we just discussed, SSL shows you’re credible. All three
levels show you’ve made an investment in your users’
privacy. But the OV and EV level of certificates – which
requires the CA to vet your organization – demonstrate
that you’re willing to verify your identity. The importance
of this cannot be understated. You wouldn’t take a ride
from a cab driver if they didn’t have their information
prominently displayed—that shows you that the person
behind the wheel is who they say they are (and that they’re
licensed).
20. SSLCertificatesCanShowYou’reCredible
Why do you think doctors and lawyers hang their diplomas
on the walls of their offices? Sure, because they’re vain—
but also because people like that reassurance. They like
knowing that the person they’re about to do business with
is legitimate—credible. SSL does that. Not only does it
encrypt but it authenticates. And on the internet – and in
your bottom line – that amounts to quite a bit.