SSL Certificates: How Can I Determine the Right Security Level for My Website?
Question: I am trying to understand SSL certificates - the choices are many and varied. I do understand the basics of SSL encryption, but am confused as to what is needed for websites and why. There are many options and pricing varies greatly - as cheap as $19.95 per year which simply verifies domain ownership up to thousands of dollars for more secure environments. How does one know how much security is needed to ensure safe handling of data without paying for more than is required?
Answer: SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
SSL Certificates are required when a website seeks to gather confidential information from the user, i.e., social security numbers, credit card payments, health information, etc.
The fees associated with SSL Certificates are based on the value of financial protection that is provided by the SSL Certificate authority. A low cost SSL certificate might simply verify the owner of the domain, while higher priced SSL certificates would protect the site owner from losses incurred if security is breached.
The level of security required for a website, therefore, would be determined based on the value of the transactions that occur and the need to protect the site owners from financial losses.
For more information about SSL, visit Verisign’s SSL Information Center.