Security Socket Layer (SSL)
Having a Security Socket Layer (SSL) is no longer a recommendation; it is actually a requirement and in a lot of cases a good idea. While it is not truly required on information pages, it is most certainly needed on pages where information is being passed back and forth between the user and the website. As of July 2018, Google began flagging sites as “Not Secure” in its browser, Google Chrome. While this approach is somewhat misleading to the common user, the intent has created a major increase in SSL certificate purchases to make sure the user doesn’t confuse the site as truly being “Not Secure”, regardless of whether it actually was.
To keep it simple, our recommendation is to include an SSL certificate on all public facing web properties whether you are transmitting data from the server to the browser or not. There are various types of SSL certificates that you might want to consider, but for the most part it will be heavily dependent on your specific application. We resell GoDaddy products and prefer their usability and support, so while there are tons of options the following is based off of their product list.
There is a Standard SSL, Premium SSL and a Wildcard SSL. In most cases, the Standard SSL is going to be sufficient, which uses SHA-2 & 2048-bit encryption, comes with the little lock alongside your domain name in the address bar and has a warranty up to $100k. The major difference in Premium SSL is that it has extended validation, makes the whole address bar green and has a warranty up to $1M. A Wildcard SSL is more common when you have a lot of subdomains. For example, a SaaS platform will usually utilize dynamic subdomains to separate tenants which is where the Wildcard SSL makes life simpler. Also, an important note, you might have multiple web properties that need an SSL, at which point you can buy certificates from GoDaddy in multiples of five for better discounts.
Regardless of your SSL needs, Web Tech Fusion is eager to help and has the experience necessary to define the need, install an SSL and maintain the solution for your organization long term.