Running a business over the internet, you must understand security and privacy of the user and business data. Learn why SSL certificate is important for information security and how it help you to make your business successful.
2. Contents:
Introduction 3
TIP 1 – Do you want to grow your business? 4
TIP 2 – How do I know if visitors trust my website? 4
TIP 3 – Do you want to increase business credibility? 5
TIP 4 – What data needs protection? 5
TIP 5 – Are you struggling to convert customers online? 6
TIP 6 – I don’t sell online, but I collect data. Do I still need SSL? 6
Why Thawte? 7
Why SSL is a must for your business
2
®
3. Why SSL is a must for your business
3
®
Why SSL is a must for your business
Introduction
Before dealing with the ‘Must’ of SSL, let’s look at the ‘Why’. Any organisation transacting business online needs
SSL (Secure Socket Layer – the standard security technology for establishing an encrypted link between a web
server and a browser). Why? Because, once you understand exactly what dark forces you are up against by failing to
encrypt your data and that of your customers to the highest levels, and how that failure can have a devastating effect
on your online business and reputation, the ‘Must’ will become self-evident.
Unprotected sensitive data is the bread and butter of attackers, leading to identity theft, fraud and theft of financial
resources from your customers. And the attackers aren’t fussy about what size of business you are either. Data
breaches happen to large and small, public and private companies. So, if you think it’s only the more high-profile
enterprises they have in their sights, you are wrong. Indeed, hackers are increasingly targeting small to mid-sized
businesses, simply because those networks tend to be less secure. In today’s online world, everyone is at risk.
Whatever the scale and reach of your business online, failure to protect your customers’ data –by not encrypting the
data or neglecting to protect the encryption keys – is like opening the bank vault and saying to the hackers: “Help
yourself.” Anyone who’s suffered a data breach will know that the costs associated with that can be punitive and wide
reaching, particularly lost sales, and brand and reputational damage. It’s a road nobody who has already been there
ever wants to go down again.
For those that haven’t endured such a calamity, it’s something to be strenuously avoided. And yet, despite the horror
stories of breaches that appear in the media day after day, many businesses are still leaving themselves and their
online customers dangerously exposed to such attacks.
So here comes the big question: “How safe are you?” As a ‘sanity check’, let’s start by asking if you can answer any
of these questions with a ‘YES’:
• Is your website your business?
• Will your website be used, or is it already being used, for e-commerce?
• Are you struggling to convert customers online?
• Does your website have a login or secure customer area?
• Are you processing credit card payments?
At least one applies to you? Then you need SSL.
Following are six tips designed not only to keep you and those who transact business with you safe and secure, but
also help you provide a better online experience, reassuring your customers that you are credible, trustworthy and
someone they can rely on, time and time again.
4. Why SSL is a must for your business
4
®
TIP 1 – Do you want to grow your business?
Of course, you do. You’ve invested a lot of time, thought and money in establishing an online presence and want to maximise
the payback from that. But before you can grow your business to its full potential, you need to grow your customers’ trust first.
This is especially true when you accept credit card numbers online or ask users to create an account with their personal
information. You need to demonstrate clearly that your website can be trusted. How do you do that? Most SSL certificates
come with a green bar, padlock and trust logos. You’re telling prospects and customers that you value their security as much
as you value their business.
The Thawte®
Trusted Site Seal gives your website instant credibility in the online world by visually reassuring customers
that your site’s identity has been verified and that it is secured with SSL. By adding the seal script to your secured
home page, buy page, sign-in page, and all other pages in your secured domain, you will be giving your customers
the assurance they now increasingly look for before transacting business with you. The seal will display within about
two hours after installation and show that your site is secured by Thawte.
Moreover, the Thawte Seal is a globally recognised trust mark, available for display in 18 languages
and included free when you purchase a Thawte®
SSL Certificate.
TIP 2 – How do I know if visitors trust my website?
There are clear and measurable statistics that will tell you unequivocally whether your website invokes trust from those
who visit it. The most important ‘tell-tale signs’ that show how you rate and precisely what your customers think of you
will be reflected in the following:
• Traffic volumes
• Repeat visits
• Willingness of customers to share personal details
• Willingness to complete transactions.
All of these are clear indicators of how your site is perceived by those who visit. Putting a ‘trust badge’ on your website
is a sure way of increasing conversion rates, because it convinces potential customers that doing business with you is
safe and secure – essential as online fraud continues to soar.
Not surprisingly, those who drop out of a purchase often mention concerns about payment security as a reason.
Habitually, the deciding factor for not going ahead and making a purchase is down to the fact that the site is missing
a trust seal. In other words, no trust has been established and those potential customers will not risk sharing personal
details and completing a transaction.
Millions of online businesses use SSL certificates to secure their websites and allow their customers to place trust in
them. The payback is that trust seals increase conversions and repeat visits, while decreasing shopping cart
abandonment. According to non-profit security analysts at the Online Trust Alliance: “The adoption of best practices
not only helps to protect customers, it also builds brand integrity, enhances click through and reduces the risk of
shopping cart abandonment.”
5. Why SSL is a must for your business
5
®
TIP 3 – Do you want to increase business credibility?
First and foremost, avoid copycat websites with the same company name. Phishing attacks that pose as your com-
pany’s official website diminish your online brand and deter customers from using your actual website, out of fear of
becoming fraud victims.
Phishing lures unsuspecting people to provide sensitive information, such as usernames, passwords, and credit card
data, via seemingly trustworthy electronic communications and is an ongoing global threat of massive scale and nearly
unlimited reach. Even phishing scams aimed at other brands can impact your business. The resulting fear caused by
phishing can cause consumers to stop making online transactions with anyone they can’t trust.
And there are other risks to your business, apart from the direct costs of fraud losses, namely:
• A drop in online revenues and/or usage, due to decreased customer trust
• Potential non-compliance fines, if customer data is compromised.
While there is no silver bullet, a number of technologies can help protect you and your customers, and drive up busi-
ness credibility. With many of the current phishing techniques relying on driving customers to spoofed websites to cap-
ture personal information, technology such as Secure Sockets Layer (SSL) and Extended Validation (EV) SSL is critical
in fighting phishing and other forms of cybercrime by encrypting sensitive information and authenticating your site.
Security best practices call for implementing the highest levels of encryption and authentication possible to protect
against cyber fraud and build customer trust in the brand. SSL, the world standard for online security, is the technology
used to encrypt and protect information transmitted over the Web with the HTTPS protocol. SSL protects data in mo-
tion – which can be intercepted and tampered with if sent unencrypted. Support for SSL is built into all major operating
systems, web browsers, internet applications and server hardware.
TIP 4 – What data needs protection?
Private data that only you (the website owner) and the user should know, the most obvious are:
• Credit card details • Passwords • Log-in credentials • Personal information.
Protecting credit card details: Private data should only ever be known to you (the website owner) and the user.
Collect enough personal data and identity theft may become a real threat. So any organisation that deals with
customers must ensure the personal details their clients share with them remain strictly under their control –
and out of the hands of hackers awaiting any opportunity to migrate this data to their own systems.
Passwords and log-ins: It is vital to inform your customers to use strong passwords to protect their devices and data.
Passwords should never include obvious information, such as a name, birth date or other data that is easy to find. They
should be a blend of upper- and lower-case letters, numbers and symbols.
If you are hosting a public website with a sign-in or log-in feature or a website where customers enter credit cards or
other high value, personally identifiable information, you need to ensure that information is safe from hijacking.
Personal information: Collecting individual pieces of private data may not seem such a big deal, but, if you collect
enough personal data, identity theft may become a plausible threat to your customers and potentially affect the
reputation of your business.
The antidote that keeps users’ critical data secure is SSL. SSL verifies that the website owner is really who they claim
to be. If you are at risk of being spoofed by phishers, or otherwise need to be able to prove to your visitors that you
really are who you claim to be, then SSL can help users confirm your identity by clicking on the padlock icon to get more
information about you. You may also choose an SSL certificate with more visible security features – e.g., the ‘green bar’
provided by Extended Validation certificates - to visually reassure customers that they are safe to transact.
6. Why SSL is a must for your business
6
®
TIP 5 – Are you struggling to convert customers online?
If you are having a hard time persuading potential customers to transact business with you, first you need to get to the
root causes. Awareness of the potential dangers that now exist online is growing, so winning your customers’ trust first
and foremost is essential, else the odds that you will be able to convert them, and thus growing your business, are
extremely poor.
The onus is on you to show that your website can be trusted, especially when you accept credit card details online or
ask users to create an account with their personal information. Conversion and trust are inextricably linked.
So, when they come to your site, savvy customers will:
• Be looking for an ‘s’ after ‘http’ in the URL bar and a closed padlock
• Check the padlock for a digital certificate
• Seek out the green bar or trust signs and seal to confirm it is safe to transact with you online.
Most SSL certificates come with a green bar, padlock and trust logos. By displaying these on your website, you are tell-
ing prospects and customers that you value their security as much as you value their business. However, if you cannot
provide them with the surety that they are safe in your hands, the chances are they will walk away and find someone
else who can.
TIP 6 – I don’t sell online, but I collect data. Do I still need SSL?
Yes, you do, because that is how you gain the trust of your customers. Even if you don’t sell online, your customers will
appreciate the care you take to protect their personal data – especially if you have a secure-access area on your site.
And even if you don’t store any personal data, visitors might still look for the padlock, green bar or trust seal when
visiting your site. Failing to show any of these could persuade those potential customers to leave your website
straightaway. An SSL logo or padlock is a sign of trust and authentication. And that means staying safe online.
Therefore you should display visible signs that show your site is secure, scanned and trustworthy. It is your ‘badge of
honour’ that reassures anyone about to do business with you that they can do so with impunity. But how much notice
do people take of such assurances? A great deal is the answer. With 673 million websites active by the close of 2013 –
forecast to hit the 1 billion plus mark by the end of 20141
– would-be purchasers have become highly skilful and adept
at evaluating those they visit. With the average page visit calculated as lasting less than a minute2
,the first 10 seconds
are critical3
– if you haven’t won them over in that brief window of opportunity, the chances are they will quit your site for
one that they feel they really can trust.
The message from all of these tips is only too clear:
Protect data in transit with an SSL certificate from Thawte today.
1
Internet Live Stats – http://www.internetlivestats.com/total-number-of-websites
2
Nielsen Norman Group – http://www.nngroup.com/articles/how-long-do-users-stay-on-web-pages
3
Nielsen Norman Group – http://www.nngroup.com/articles/how-long-do-users-stay-on-web-pages