“What implication will this have on my dental website as I don’t ask for credit card details or indeed sell anything via my dental business website”
It is a fact that most dental websites handle users data on a daily basis through the submission of enquiry forms and newsletter signup forms. This data is relayed, via your website’s server, to a mailbox where you receive email. What a SSL (Secure Socket Layer) enabled web server gives you is encryption of that data making it more difficult to for an attacker to decipher that information. You will see we didn’t use the term “impossible to decipher”, as we know any website or system can be cracked and data captured, no matter what the security.
“So why should I bother with upgrading my web server to HTTPs if data can still be captured?”
We do take security of websites very seriously and install industry standard security plugins on all sites we produce which blocks suspicious activity and unauthorised access, however once the data leaves our server, in the form of a digital form submission, that is where the data can be captured. This is where SSL comes in by means of the encryption of that digital data.
However there is a more important issue, as a dentist you are not dealing with state secrets, high level industrial secrets or anything that could really change the world. You are dealing with peoples trust, after all your patients let you carry out medical procedures within their personal space.
If for example a patient who trusts you implicitly, happens to be browsing your website, and all of a sudden they see a warning triangle and notice “Not Secure” in the address bar of their browser, what message does that send?
Now we know that our clients build relationships with their patients that are strong and built on trust, however that doubt could stop them interacting via the website, and give them concerns?
Say you are a potential patient, just moved to the area, and browsing for a new dentist, using Chrome. They come across a few websites in their organic search, click on the link that most appeals to them at the top of Google Search, and then they are confronted with an explicit warning “NOT SECURE”. Ask yourself, what would you do? Hang around a while? Fill in the new patient registration form? Share the site on Social Media sites, such as Facebook or Google+ asking if anyone has any experience of the dental practice?
“OK, what is this going to cost my dental business?”
A Quick SSL Premium certificate can be added to your domain for £72.00 (including the VAT) and lasts for 12 months, after the 12 month period it will need to be renewed on a yearly basis. If you want the higher Extended Validation certificate then the prices increase dramatically, however the product is much higher in its specification costing £490.00 (including VAT per annum). We manage all the techy stuff and do the installation on our servers in conjunction with our hosting provider, simple as that. Setup times can be within 24hours for Quick SSL Premium and up to 3 weeks for Extended Validation SSL certificates.
We do not wish to scaremonger, or tell you that the world is going to crash down around you, ultimately we can only recommend what might be right for your website, just as you would recommend and not push a treatment for your patient.
Secure or Not Secure is therefore a choice, it is much more than a security choice, it is a Marketing choice, it is an SEO choice, it is a Social Media choice.
It is ultimately a question of TRUST.