Preparation / Context: At school I was in the same year as Mark Shuttleworth. To paint a picture here, let me review our joint achievements. Mark led the school as head prefect; I led the detention list as head trouble-maker. While he was smoking Maths on the Eisteddfod leaderboard; I was smoking cigarettes behind the cricket scoreboard. Starting to see a pattern?
• Digital security certificates
• Website security certificates
• Charity websites
• School websites
• Online loyalty clubs
People often ask, what did Shuttleworth do to make all his money? The short story is that he created a company that sold digital security certificates. Shuttleworth’s company, Thawte, was sold for around $350m in 2000, so those little certificate thingies must be pretty important. World Wide Creative uses them when we develop e-commerce portals for clients, so since we’re focusing on security this month, let me investigate a little further.
What is a website security certificate?
A website security certificate (or SSL certificate) is a seal that is awarded to a site whose code is effectively encrypted against external sources from viewing it or accessing it. In other words, if a website has sensitive data on it, such as a banking site with your private banking details, then the information displayed needs to be protected and accessible only by you. A site such as this is made up of code that is encrypted, and thus has a website security certificate to verify that it is safe for you to store private information. If a site has a valid certificate, it also means that a certificate authority has taken steps to verify that the web address actually belongs to that organization.
Why would I want a security certificate for my website?
The most common scenario is if you’re creating an e-commerce website, where your website visitors are required to input banking details in order to make a purchase. Other websites include finance, investment or banking sites, loyalty clubs or schools and charity organisations where donations are made. As a website owner or developer, your site must encrypt visitors’ information. It must have a valid certificate to protect both visitors and yourself against attackers who create malicious sites to gather information.
How can I tell if a site is secure?
Look at the address bar of the browser you’re using to visit a site: if it says “https:” instead of “http:” in the website address, it means that the site has been verified as a secure website. You will also notice a closed padlock in the status bar at the bottom of your browser window.
How do I obtain a website security certificate for my site?
You will need to contact a service provider such as Shuttleworths’ Thawte. The Thawte website has a good introduction guide to SSL, with clear resources to dig into.
Is security really something I need to take seriously?
Whether you’re a digital agency or a marketing manager in a firm, you only have to look at the number of sites being hacked into over the past 12 months. Even if your site doesn’t require secure log-ins or permissions, you must ensure that the correct steps are taken in order to protect your website content from being compromised.
These days, with the number of hackers, cyber-stalkers and virus-mongerers trawling the web increasing exponentially, it is essential that web developers and clients are serious about security. Mark Shuttleworth realised this early, and got wealthy as a result. Now, digital marketers must make the decision: lead the way or get stuck in online detention.