Website Security Certificates Made Easy

| Industry Insights

Let’s Encrypt recently celebrated a milestone of sorts. About a month ago marked the 3 year anniversary of the issuance of their first completely free website security certificates. Since that time, they have issued a whopping 380 million certificates! Not a bad 3 year effort, right?

What Is It?

Let’s Encrypt is a free, automated and open Certificate Authority run for the public’s benefit. A certificate authority is a company that issues TLS certificates, which protect the traffic between site visitors and websites (think SSL if you are not familiar with TLS). You’ll know when the connection is secure because the site’s url will say “https” instead of just “http”, or you will see the green lock next to the domain name.

Let’s Encrypt was founded in part by the Electronic Frontier Foundation and has support from prominent technology companies like Mozilla, Facebook, Google and Verizon. The goal was to “encrypt the web” by making all websites secure. Did you know that 50,000 websites are hacked every single day? 50,000! So Let’s Encrypt was put together to make the decision to deploy security certificates a no-brainer.

How It Works

Website Security Certificates Created By Let's Encrypt

Let’s Encrypt Certificates Issued Per Day

Historically, getting or renewing website security certificates (SSL/TLS) for websites has been a bit tedious. The process can be cumbersome and error prone. However, Let’s Encrypt cuts through all of that and makes it simple, quick and free to create the certificate. With the right hosting partner, the process can literally take minutes. There will be some work to update your existing site images and links to use https instead of http, but that is an easy and relatively quick process.

Benefits of Website Security Certificates

Website security certificates are not only good for you and your site visitors, they are also an important ranking factor with search engines. All things being equal, a site with a secure connection will outrank one without. Obviously if you do any kind of e-commerce then this isn’t even up for discussion. The great thing about Let’s Encrypt, though, is that now even the smallest single page blog has no excuse for not adding a security certificate. Today, we will not even build a website without it.

Are There Any Drawbacks

As with any technology, especially a free service, Let’s Encrypt is not immune from abuse. There are documented cases where cybercriminals have exposed weaknesses in a domain’s Let’s Encrypt configuration. Overall, however, if the proper steps are taken, it is a fantastic solution.

One thing to note is that the certificates do expire every 90 days, compared to the 1 year duration most people are familiar with. Depending on where you host your site, you might have to put a process in place to renew your certificate each quarter. Up until recently, for some businesses this would have been the biggest drawback to using the Let’s Encrypt certificates. However, certain hosts (including our solution) will now automate this process for you. So once your Let’s Ecrypt TLS certificate is in place, you may never have to think about it again.

Will This Make My Site Secure

The Let’s Encrypt solution will definitely help make your site secure. However, it is just one piece of the puzzle. Sites still need a robust security plan that includes software updates and other security best practices.

Are you interested in upgrading your site to https via this free website security certificate solution? Give us a call today at 601.707.3322.

No Comments