Tag Archives: websites

General, Secured Sockets Layer (SSL), Security

A Crash Course on SSL Certificates – A MUST Read for Every Website Owner

Leave a comment

At Superb Internet, we’re always looking out for you. That’s why we want to take the time to give you a crash course on one of the most important elements to keeping your website safe, secured, and compliant – SSL certificates.

Giving You the Lowdown on SSL Certificates

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant.

Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information, such as a customer’s personal and credit card information. There has also been a considerable increase in the number of people using mobile wallets to make online payments, according to this study. Hence, by adding an SSL certificate, you not only protect your business but also increase customer confidence by safely encrypting your customers’ most sensitive data.

For online transactions, an SSL certificate turns sensitive data into encrypted secure code. The web browser then checks the SSL certificate to make sure that the website is legitimate. Once verified, the web browser and server processes the encoded information.

SSL Certificate 1

This helps to ensure that the sensitive data delivered between the web browser and server is handled safely, securely, and that the website is PCI (Payment Card Industry) compliant.

Why Picking the Right Certificate Authority (CA) Matters

Picking the right Certificate Authorities (CA) is integral in the entire SSL process because they’re the ones issuing these digital certificates. In essence, digital certificates, such as an SSL, are small verifiable data files containing identity credentials that help authenticate the online identity of people, websites, and devices.

Each digital certificate includes valuable information like the expiration date of the certificate, the owner’s name and other important information, along with a public key – a value provided by some designated authority as an encryption key.

ssl-5

As a trusted entity issuing these digital certificates, the CA must meet strict and detailed criteria before being accepted as a member. Once accepted, the CA is authorized to distribute SSL certificates.

The longer the CA has been operational, the more browsers and devices will trust the certificates issued by the CA. One important thing to note is that for certificates to be transparently trusted, it must have “ubiquity” where it’s capable of being backwards compatible with older browsers, including mobile devices.

Overall, CAs play a vital role in how the Internet operates today by protecting information, encrypting billions of online transactions, and enabling secure communication. Without CAs, the Internet would not be as transparent and trustworthy as it is and online transactions would be more susceptible to hacks, data breaches, and phishing.

Get the Perfect SSL Certificate(s) to Meet Your Needs

Of course, not all SSL certificates are created equal. To ensure that you pick the right SSL certificate(s) for your needs, it’s important to understand the main differences in regard to its validation level:

Server Gated Cryptography (SGC) SSL Certificates

To begin, let’s start with one of the original secured digital certificates – the Server Gated Cryptography (SGC) SSL certificate. SGC SSL certificates were made available from the mid 1990’s as a means to increase the cryptographic strength of the SSL connection from 40, or 56 bits, to 128 bits.

At that time, the goal was to force weakly encrypted browsers to use the stronger 128-bit encryption method for online financial transactions. Of course, times have changed and SGC browsers, such as Netscape, are obsolete. The once reliable, and unbreakable 128-bit encryption, is now susceptible to new vulnerabilities and are unable to support the ongoing revisions of SSL protocols.

Today, the standard SSL encryption is 256-bit and we recommend anyone with an SGC SSL certificate to replace it immediately with one of the other types of SSL certificates below based on their validation level and security requirements.

ssl-4

 

Organization Validated (OV) SSL Certificates

Organization Validated (OV) SSL certificates are more trusted because the validation process not only requires for the domain to be authenticated but also additional information and documentation to certify the company’s identity.

The CA must authenticate the company against the business registry databases held by the local government to confirm information, such as the entity’s name, city, state, and country to ensure that it’s a legitimate business. Because of this, the entire process can take anywhere from a few hours, to a few days to complete depending on the CA’s validation process.

OV certificates are considered the standard type of certificate for any commercial website because it contains all the necessary information for company validation. By giving people more visibility into who is actually behind the site when they click on the Secure Site Seal (lock icon) located on the address bar, visitors feel more comfortable sharing their personal information with the site.

Domain Validated (DV) SSL Certificates

Domain Validated (DV) SSL certificates are used on public websites and are one of the cheapest certificates to get. The validation process is very simple and is typically performed via email or DNS to confirm that the domain is registered and that someone with admin rights is aware of, and approves, the certificate request.

Since no company information is vetted, the entire process can be complete almost immediately. If the certificate is valid and signed by a trusted authority, the browsers would indicate a successfully secured “Hyper Text Transfer Protocol Secure (HTTPS)” connection in the address bar.

DV certificates are ideal only to those wanting a quick and low cost SSL where organization validation is not a concern. With this in mind, an informed user may acknowledge that DV certificates do provide encryption and security as other certificates but they may still not trust the site with their personal information because no company information has been vetted as part of the validation process.

Extended Validated (EV) SSL Certificates

If you’re looking to go the extra mile in keeping your website(s) safe, secured, and compliant, then Extended Validated (EV) SSL certificates is the perfect solution for you. Unlike the validation process for DV and OV certificates, getting an EV certificate is more difficult because of its strict and stringent authentication procedure that requires domain ownership and additional company documentation, along with other steps and checks. Overall, there are two main phases to the authentication process.

The first phase requires the CA to conduct thorough research to identify the legal entity that controls the website. This is done by verifying the legal, physical, and operational existence of the company. In addition to verifying that the organization’s identity matches official records, the CA must also ensure that the organization has exclusive rights to use the domain specified in the EV certificate and that it has properly authorized the issuance of the EV certificate. Typically, the CA will also obtain an attorney’s legal opinion on the validity of not only the business but also the information provided to obtain the EV certificate.

The second phase assist with enabling encrypted communication of information over the Internet between the website and the user of an Internet browser. By having processes for facilitating the exchange of encryption keys to prevent hacking, phishing and malware, organizations with EV certificates have a vehicle in place to properly address online identity fraud.

Since the validation process for EV certificates are much more in-depth, the entire process can take a few days, to even a few weeks to complete. Plus, CA’s issuing EV certificates must undergo recurring audits to ensure the integrity of the SSL certificate issued.

EV certificates are an ideal solution for businesses that wish to assert the highest levels of authenticity and security. By adhering to the strictest authentication process, any company with an EV certificate is rewarded with a visible “Green Bar” that’s clearly noticeable on any modern browser. This gives visitors and customers the utmost confidence that the site is extremely secured and compliant.

Wildcard (*) SSL Certificates

Wildcard SSL certificates secures your website similar to standard SSL certificates and the requests are processed using the same validation method. These types of SSL certificates are available for most of the validation levels (DV, OV, EV) mentioned above and can help protect an unlimited number of subdomains for a single domain.

One of the key differences is that Wildcard SSL certificates uses “Subject Alternative Names (SANs)” to secure a domain and all of its first-level subdomains. Whereas, a standard SSL certificate will only secure the domain that you bought the SSL certificate for and any subdomains will be left unprotected unless you purchase a Wildcard SSL certificate or additional SSL certificates for each subdomain.

For instance, let’s take www.SSL.com as an example. By purchasing a Wildcard SSL certificate for this domain, all you would have to do is add an asterisk (*) in the subdomain area located left to the common domain name and you can secure an unlimited number of subdomains for *.SSL.com, such as the following:

  • protection.SSL.com
  • safeguard.SSL.com
  • security.SSL.com
  • browsers.SSL.com
  • internet.SSL.com

Overall, Wildcard SSL certificates is a great solution for those with multiple subdomains who want to save time, money, and to make the SSL administration process easier for securing their site. However, the drawback with Wildcard SSL certificates is that each subdomain is not individually protected. So if a certificate is revoked on one subdomain, other subdomains will be compromised and revoked as well.

Always be on the Lookout and Manage Your SSL Certificates

Having an SSL certificate is an essential part in protecting sensitive data in transit. And while SSL certificates provide additional layers of security, it can still be vulnerable and susceptible to attacks. This is where SSL certificate management comes in. You always have to be on the lookout to ensure that the SSL certificates are managed properly.

Proper SSL certificate management requires knowing the status of each certificate across sites, browsers, and networks. Through careful monitoring of these certificates, website owners can prevent major incidents from occurring, such as phishing and data breaches, which can not only be expensive to resolve but also cause long-term damage to your reputation with customers.

Now is the Time to Protect Yourself, Your Business, and Your Customers

Thinking about getting an SSL certificate for your website? Let us help keep your website safe, secured, and compliant. Whether you’re thinking about getting an SSL certificate to encrypt sensitive information, authentication, PCI compliance, to gain your customers trust, or to prevent phishing and data breaches, we have a wide-array of trusted brands to choose from.

ssl-6

Start now and easily compare SSL certificates from major global CA’s like GeoTrust, Comodo, and Symantec. See our latest line of secured, reliable, and affordable SSL certificates below. Get trusted, be protected, and stay compliant today!

Certificate Authority Certificate Name Validation Level(s) 1 Year 2 Year 3 Year
Comodo EssentialSSL DV $11 $20 $28
GeoTrust RapidSSL DV $18 $26 $38
Comodo InstantSSL OV $39 $79 $99
GeoTrust True Business ID OV $119 $199 $289
Comodo EV SSL EV $179 $359 N/A
GeoTrust True Business ID with EV OV/EV $299 $469 N/A
Comodo EssentialSSL Wildcard DV/WC $179 $289 $399
GeoTrust RapidSSL Wildcard DV/WC $129 $249 $369
Comodo PremiumSSL Wildcard OV/WC $199 $398 $597
GeoTrust True Business ID Wildcard OV/WC $499 $998 $1,497

Recommended Validation Level(s):

Domain Validated (DV) SSL Certificates:

DV certificates are ideal only to those wanting a quick and low cost SSL where organization validation is not a concern.

Organization Validated (OV) SSL Certificates:

OV certificates are the standard type of certificate and contains all the necessary information for company validation.

Extended Validated (EV) SSL Certificates:

EV certificates are an ideal solution for businesses that wish to assert the highest levels of authenticity and security.

Wildcard (WC) SSL Certificates:

WC certificates are a great solution for those with multiple sub-domains who want to save time and money.

General

Marketing 101 – The ABCs of a Homepage

287 Comments

What is a Homepage?

Before we dive into the marketing strategies involved with creating an effective homepage, it’s crucial that everyone understands what a homepage is. In essence, a homepage is the introductory, or default page, of a website that typically highlights the site’s table of contents.

Sleek chrome & blue number website buttons.

There’s a good reason why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Think of it like this. Your website’s homepage is where people come to visit you. It’s the family room of your website where everyone meets to hang out and get comfortable before they actually move further inside to see the remaining parts of the website. Most businesses take utmost care while building their website. If they do not have the resources to build it in-house, they ensure the quality by hiring a philadelphia web design firm that can make a website worth the money.

Why is a Homepage Important?

Everyone who owns an ecommerce business understands that their website’s homepage is inevitably the most important page of the entire site.

Like they say, you never get a second chance to make a good first impression. Therefore, you want to ensure that your homepage is clean, tidy, and clutter-free so that visitors can easily navigate to see what your website is all about – similar to how you want to keep your house clean when having visitors.

The main goal of any ecommerce homepage is to make a great first impression. Reason being is that you want to turn your visitors into leads, and your leads into customers by driving them down your sales funnel.

If you are not well versed in designing a website, you can hire an ecommerce website development expert. A professional service provider can design the website to fulfill your requirements while considering other aspects, such as marketing, advertising, website flow, ease for the customers, and more.

As for the important elements of a homepage, you can check out the points mentioned below:

Always Remember the ABCs of a Homepage

Since your website’s homepage receives most of your site’s traffic, it’s vital that your homepage is optimized to “Always Be Converting (ABC)” visitors into customers. If you’re failing to convert visitors into clients, it probably means that your homepage is missing some critical elements. When you put together a comprehensive marketing and sales plan, likely with a sales enablement strategy, then figuring out the dynamics of your website are one of the important tasks in that strategy. Along with a host of other things to power up your sales, of course. But let’s take small steps.

abc-blocks-1424477-639x564

To help you achieve this never-ending feat, here are five helpful tips to elevate your homepage to the next level for maximum conversions:

  1. Headline:
  • Within 3-5 seconds, visitors should know exactly what your site is about, what it has to offer, and how you can help customers. Leave out the fluff and do your best to keep things clear and simple.
  1. Subheadline:
  • This section should state a brief summary of what you can offer and your competitive advantages. Don’t brag about yourself, avoid jargon by speaking the language of your target audience, and do your best to zero in on the problems of your customers and how you can help to alleviate their pain points.
  1. Call-to-Action (CTA):
  • Every homepage should have call-to-actions (CTAs) since the goal is to always turn your leads into customers by not only having them stay on your website longer but also to move them through your sales funnel. We recommend having a minimum of 3 CTAs above the fold to direct visitors to the different stages of the buying cycle.
  1. Eye Candy:
  • Make sure that you use images / videos to support your main points. Since most people are visual by nature, it helps to draw out their emotions so that they can connect with you better. Remember, the visual images must support what you have to offer, along with highlighting how you can help your visitors resolve their concerns.
  1. Copy / Content:
  • Ensure that the copy and content on your homepage highlights the benefits and competitive advantages of your business. Describe what you do, what you offer, how you can help, and make sure that your copy is lightweight, simple, and avoid jargon by speaking the language of your customers.

By following the guidelines listed above, ecommerce sites can improve their odds of converting visitors into customers. And since every business is dynamic, you must continually optimize your homepage as your business needs change. You can also personalize your marketing strategies to attract new customers by creating an automated user interface. To achieve such a target, you may have to study customer profiles to generate data variables such as demographics, geographical locations, industry, titles, etc., and come up with a list of common characteristics to target for your business growth. For in-depth information, you can read more about custom marketing through various websites and blogs.

After understanding and successfully implementing these strategies, you can create a dynamic homepage that truly engages your target audience. It can show the customers what your business is all about, along with your competitive advantages. It can also assist in achieving customer loyalty by helping them troubleshoot their problems and improve their lives.

Birthday Cake

For those unaware, our 20th birthday is tomorrow and we’re pulling out all the stops by giving away all of our BEST promotions for this rare one day event on Saturday (July 23, 2016). Choose one, or take advantage of all our birthday specials and see for yourself why we’re the host with the most. Switch from the rest to the best today!!!