How SSL Works
The interaction the majority of people have with the Internet is growing exponentially. Along with that growth comes the increased risk of private information falling into the wrong hands. Whether it be email conversations, personal phone numbers, addresses, bank account numbers, if they're sent through the internet in plain text, they can be read by people or organizations with ill intentions. This is the main reason why scrambling (or the technical term, encrypting) that information is a must for anyone who's serious about their private information remaining private. Whether it be you wanting to keep your own data private or wanting to make sure your clients and customers feel safe doing business with you, the answer is the same: encrypt all the data you send and receive through the Internet.
On top of that, the main players on the Internet like Google have been rewarding websites who encrypt their data on their sites with SSL (Secure Socket Layer), with higher search engine rankings. Their browser "Chrome", starting with version 56.0 now labels non SSL enabled sites "insecure".
Secure Socket Layer (SSL) is a technology that ensures private communication between both parties (server and client) so anything transmitted between the two sides will be scrambled and encrypted using certificates and keys. This means only the two parties can read what's being sent and received. Think of it like a code language, it just sounds gibberish unless you know how to decode it. So even if anyone is listening in on the conversation (technical term: sniffing packets,) they just see unreadable text that means nothing without knowing the keys. In essence, enabling your webserver with an SSL Certificate, prevents the "bad guys" from stealing information sent through your website.
Choosing An SSL Certificate
The simplest way to enable this sort of security on your server is to purchase and install an SSL certificate that's been issued by a globally recognized Certification Authority (CA). There are a few available. Globally recognized means the main web browsers (like mozilla firefox, google chrome, apple safari, opera, microsoft edge...) accept their authenticity. Installation can be quite simple. After purchasing the SSL Certificate, you receive the files you install on your webserver, enable the secure service (optionally disable the insecure service) and your job is done. Everything going through your server is encrypted, secure and private.
As with most everything, there are multiple SSL Certificate options. Some just ensure all data going through your website is encrypted, while others certify your website and business's identity. For that your or business's identity needs to be verified through incorporation documents before the SSL Certificate is issued to you. This further builds trust with the end users of your site. It adds the name of the company in the URL bar in your browser. Think of your bank's online banking portal for example. You definitely want to make sure you're at the right site and that they encrypt all the information when you're entering sensitive financial information.
Besides the rosy side of greater security, more trust, increased privacy, maintaining SSL certificates is extra work. They do need to be installed and renewed yearly (although multi year purchases are available.) The private keys and certificates must be kept safely and securely as they're needed to de-scramble the information and make it readable by humans. So running an SSL enabled server is greater responsibility, which is why it comes with greater trust from your clients, customers and even Google.
We understand security is not for everyone and yes, there is additional yearly costs involved on top of choosing the right one for you. On the other hand, if you do take your and your customers' privacy seriously and want to create the most secure environment for them online, purchasing and installing an SSL certificate is your next logical step.
If your business sells anything online and requires information entered from your customers your options are: