There has been a lot of concern over securing web sites lately with all the hacking that has been reported. The news has been all over the new GDRP (the what?), and Google now requires HTTPS/SSL (the who?) whenever any sensitive information is collected from your web site.
Are you confused enough yet?
This is seriously techy-nerd stuff, but it is not intentionally meant to confuse you. So here is what it all means in (hopefully) non-techy-nerd speak.
First: Google requires HTTPS/SSL on web sites or they won’t show up on search engines: FALSE.
HTTPS/SSL is a lock on your web site. Think of a lock that has a 256 number combination. HTTPS is an electronic lock to make it more difficult for bad guys to get into your web site. And, like any lock, they range in price. But the kicker is that all these locks are the same, the price difference is just what store you go to.
You can get a HTTPS lock for your web site from KoolWebHosting.com for under $5.50 per month (billed annually. Click here to get more information or to purchase a HTTPS / SSL lock for your web site.
But don’t listen to the fear mongers that say Google will kick you out of the search engines if you don’t have this for your web site. This is completely FALSE.
Google rankings don’t change one bit whether or not you have that lock. The lock is made to keep sensitive information secure. If you ask for birth dates, home addresses, social security numbers, etc. (sensitive information), and you don’t have this lock, Google will let your customers know that your web site is not secure. But that’s it; whether or not you have the lock will not affect your rankings in Google, Bing, or Yahoo.
Your customers may care a great deal. If you do collect sensitive information, you may be vulnerable to being hacked without that lock. Get it, what other insurance costs less than $5.50 per month (our certificates are backed with a $100,000 warranty)?
“So great,” you say, “But what about this GDRPTIBD whatever?”
GDRP is a law from Europe, just like internet laws we have in the US. GDRP, or General Data Protection Regulation, is a set of rules web sites must comply with IF (IF) they work with people in the European Union. If you are a Los Angeles company, and you sell as far away as New York, this doesn’t apply to you. If you ship to or from Asia, this has nothing to do with you.
You only need to be concerned with the GDRP if you do business with the European Union. Here is a Wikipedia article on the GDRP if you are interested.
To recap: You do not need to secure your web site if you are gathering person’s name, phone number, and email address; that information is not considered to be “sensitive.” You should be securing your web site if you ask for date of birth, social security number, physical address, or any information that would be thought of as sensitive.
And remember, getting security for your web site will never hurt. When in doubt, get it.
Photo courtesy of Markus Spiske