Whether you do or don't have an SSL certificate on your website, here is an update on their use in view of GDPR and upcoming Google Chrome updates.
We’ve written about SSL Certificates back in 2015 and you can read that blog post here. This post is an update to highlight some key issues coming up and to explain the effect of having an SSL certificate for your website. It will help you decide whether you need to take action or not.
An SSL certificate is what enables the secure HTTPS connection to your site and data that is transmitted to and from it is encrypted. Sites with an SSL certificate have a green padlock in the address bar of your browser to inform visitors their connection is secure. Details can be viewed when it is clicked:
SSL certificates have traditionally been a requirement for sites with any kind of e-commerce but now the benefits are becoming more widespread and are considered a necessity rather than a 'nice-to-have' for any website.
From July 2018, Google Chrome will be marking non-HTTPS sites as 'not secure' - effecting all websites, including brochure/marketing websites. This will show the words “Not secure” prominently in the address bar of your browser. More on this can be found in this article.
Whilst open to interpretation, it’s clear that you need to encrypt personal information during processing as part of GDPR. (eg. when accessing and interacting with a website). Any CMS such as Umbraco where you login, you send your username (usually your email address) and password over the internet. Using SSL we can encrypt this data in transit, protecting personal information from any unwanted interception.
Considering all the benefits, we recommend using SSL for all websites.
If you have any questions about SSL certificates, please contact us. We'd be more than happy to provide clear advise on how this could affect you as well as provide guidance on the type of certificate you may benefit from having.