What is SSL?
Secure Sockets Layer, or SSL, is a security technology that uses a cryptographic system of key pairs which work together to establish an encrypted connection between a server and a client, such as a web server and a browser or a mail server and a user. More specifically, SSL is a security protocol that determines the variables of encryption for both links and transmitted data, and it is an industry standard used by millions of websites. It is easy to tell whether or not a site uses SSL because secured websites begin with “https” in the address bar instead of “http.” Additionally, a green padlock appears in the address bar, or the address bar itself will turn green.

Why is it important?
As hackers and other digital thieves become more active and phishing attacks more prevalent, online security is becoming a greater concern for Internet users. Data needs confidentiality and integrity so an attacker cannot change the details of the data once it is sent. Data sent between a browser and a web server, however, is normally sent in plain text, meaning that attackers who intercept this data can see and use any of the information.

SSL prevents attackers from eavesdropping on or stealing transmitted data. It allows sensitive information like social security numbers and login credentials to be exchanged securely. The benefits of SSL have a wide range of applications in providing security, including: online credit card transactions, system logins, cloud-based computing platforms, and transfers of files over https services, such as website owners updating new pages.

Why should businesses implement it?
Given its use in securing online transactions and exchanges of confidential information, SSL is essential for any website that sells goods or services or needs clients to log in with user profiles. If an e-commerce site does collect credit card information, it is required by the payment card industry (PCI) to have an SSL certificate. For sites that collect addresses, phone numbers, health records, or other private information, SSL certificates are recommended.

Website visitors, whether they are customers or prospects, want to know that they are using a secure connection when they are making purchases or providing sensitive data. SSL shows customers that a business values their security and is serious about protecting their information. Offering customers a safe environment in which they feel comfortable will increase brand power and improve customer trust, and customers tend to reward the brands they trust with increased business.

How can businesses implement it?
A business must apply for an SSL certificate with a certificate signing request (CSR) made on the server, which creates a data file containing website and company details. This CSR data file is sent to an SSL certificate authority (CA), a provider that can issue certificates to businesses or legally accountable individuals. The CA digitally signs the certificate to verify that a trusted third party has authenticated the website identity, which signals browsers to let users know that a website is secure. Once an SSL certificate is received, it can be installed on the server, binding together the domain name or server name with the company name and location.

There are many types of SSL certificates offered by different companies. Their security and quality depends on the amount of encryption bits, which can range from 48 bits to 256 bits. The higher the bit number, the more expensive the certificate will be, but the more security it will provide. Small-scale online shopping websites, however, should be aware that they can use the lesser amounts of bits without an issue. Aside from the amount of encryption bits, the price of SSL certificates also varies based on the type of SSL and the length of time for which the certificate is active. Verisign, GeoTrust, Comodo, Digicert, Thawte, and GoDaddy are some reliable and popular SSL certificate authorities.