Ever wonder why some website URLs start with “http://” while others start with “https://”? Browsers do most of the work for us when it comes to verifying website security: when you’re on a secure, encrypted website, you’ll notice your URL begins with “https://” instead of “http://”. But how did that website get your browser’s “Secure” stamp of approval?
It’s all due to SSL website security certification - a tool that encrypts websites just like yours to protect users from credit card theft and hackers. In this blog post, I break down everything you need to know about SSL certification: what it is, why your storage website needs it, how to tell if your website has it or not, and where you can get it. Check it out below!
SSL stands for “Secure Sockets Layer,” and an SSL certificate is a website owner's go-to for website security. Your web browser (like Google Chrome) establishes an encrypted link between itself and the web server using SSL (or the new and improved TLS - short for "Transport Layer Security") to ensure that all data - like credit card information, transactions, emails, and IP addresses, are kept private and protected. SSL/TLS is used by millions of websites to protect their customers from hackers during online transactions.
Without SSL, online transactions are risky. When a user is shopping online and goes to complete a transaction, the user will fill in form fields with their name, billing address, zip code, credit card information, shipping address, and more. If the user is shopping on an unsecured website (a website without SSL), this sensitive information could be intercepted by a hacker.
With SSL, online transactions are protected by a binding connection. It works like this: a user goes to a website and their web browser forms a connection with the web server. Then, the web browser authenticates the website’s SSL certificate and binds together the browser and the web server, ensuring that no one besides the user and the website can see or access the information you type into the browser.
Even if you aren’t doing online move-ins on your website, your website still needs a current SSL certificate to be successful online. Why? Because according to recent research by Hubspot, up to 85% of people will leave your site and go back to search results if a site is not secure. Users are more web-savvy now than they used to be: they’re used to seeing “not secure” warnings like the one below, and they’ll retreat back to search results to shop somewhere else because of it.
The best way to become wildly unpopular with your customers? Give away their credit card information to thieves online. Just ask Target, whose 2013 data breach allowed cyber attackers to gain access to the credit card information of over 41 million customers. While it’s impossible to prevent all cyber attacks, consumers expect e-commerce sites (like Target.com, Etsy.com, and your self storage website) to take steps to protect their security online. It’s simple: when users are entering their credit card on your website, they want to feel safe. A valid SSL certificate ensures customers that your website is trustworthy.
SSL certificates protect consumer privacy through encryption. Encryption uses coding to hide sensitive information, with the number of bits (40-bit, 56-bit, 128-bit, 256-bit) indicating the size of the encryption key. Just like a longer password is harder for hackers to crack, a longer key offers stronger protection against phishing (stealing sensitive data, like credit card information and user passwords). For SSL certification and compliance with various e-commerce regulations, at least 128-bit encryption must be used.
While SSL wasn’t designed to help websites with search engine optimization (SEO), it has SEO benefits as well. Google uses your website’s HTTPS address as a ranking signal in their search ranking algorithm. Essentially, if two websites are equally ranking in Google search results, if one has SSL enabled and the other does not, Google will likely give the SSL-enabled website a ranking boost to outweigh the other.
If you’re taking online move-ins, reservations, or bill payments on your website, you’ll need to meet online credit card security standards. In order for any website to accept credit card information on their site, the site must first pass various audits that show the website is complying with the Payment Card Industry (PCI) standards. These standards serve to protect consumers from phishing scams on e-commerce sites, and one of the requirements for PCI compliance is properly using an SSL certificate.
Thankfully, there are several ways to tell if your self storage website has a valid SSL certificate. For starters, run your website’s full address through Hubspot’s free SSL checker. Simply copy and paste your website’s full address into the toolbar, and the tool will give you an instant result.
You can tell whether a website has SSL or not by paying attention to these distinct differences that show up in your browser.
After you type in the website in your browser’s address bar, the website’s URL should update to “https://” if the website is secure - like in the example below.
Check out a closer view of that secure URL below.
When you see the padlock icon and the word “Secure” next to the website URL, that is a confirmation from your web browser that the website is SSL-enabled. Depending on which browser you’re using, the padlock icon may appear on either the left or the right side of the address bar. If you click the padlock symbol, you can read more information about the website’s security status.
Check out a closer look at the security status of this self storage website below.
SSL certificates are inexpensive and easy to get: if you utilize a self storage website design service (like storEDGE!), they’ll help you get a SSL certificate and set it up automatically for your website. Also, many domain providers (like GoDaddy.com) sell SSL certificates as an add-on with your domain name purchase. (Note: Your SSL certificate is tied to your domain name, so you can't take your SSL certification from one domain name to another.)
Keep in mind, SSL certificates expire after one, two, or three years (you select the time period when you purchase a certificate), so even if your website was previously SSL-certified, you’ll need to renew and replace your certificate regularly to ensure you're still up to date. Website security is a rapidly evolving field, so it's important to keep your server running the latest in security technology to protect your site against hackers. Check out Qualys's SSL Labs to test your website's SSL security level.
Thanks for reading! If you liked this blog post, you may also like: How users search for self storage + the #1 reason why you shouldn't obsessively Google yourself, How to create and maintain your self storage website, and How to create and set up social media accounts for your storage business.