Online security is a primary concern for businesses that want to protect their own data, as well as the sensitive information provided to them in trust by consumers. In addition to complying with all applicable privacy laws, companies are interested in protecting customers in order to maintain long-term relationships and preserve a strong reputation.

The HTTPS green padlock indicates to consumers that a website is secure. Or does it? Here’s what businesses needs to know.

What is the HTTPS green padlock?

The average person does not have a clear understanding of how websites are secured or how their security options protect consumers. By utilizing the HTTPS green padlock, your company and your website can provide users with a clear and simple indication of protection.

The green padlock symbolizes the presence of secure sockets layer, or SSL technology. This is where the “S” in HTTPS comes from (as opposed to less secure HTTP). While most consumers don’t really understand the difference between HTTP and HTTPS, they know that seeing the green padlock icon denotes a protected transfer of information, reducing the risk that hackers can intercept, steal, or misdirect data.

How do I know if my site is truly secure?

Unfortunately, the green padlock as a symbol of authoritative security has paled somewhat over the past year, due in large part to a company called Let’s Encrypt. This company sought to simplify the process of obtaining an SSL certificate and make it more affordable for small businesses to secure their online operations by removing fees and other barriers.

The unintended side effect of this noble undertaking was that an incredible number of phishing and malware sites have used the opportunity to obtain SSL certificates that make them look legitimate and secure. This convinces users to enter private information, like say, a username and password to login to PayPal, which these nefarious sites can then use to gain access and engage in fraud, identity theft, and actual theft.

What if cyber criminals take this opportunity to spoof your company’s website and steal user data or infiltrate your networks? How can you remain safe? How can you help users to remain safe?

How can I increase security?

Anyone in charge of a company website wants to provide the highest level of security for online operations, both for the safety of company data and for the protection of customers who provide confidential, personal data. Secure sockets layer technology goes a long way toward accomplishing both goals, but could you do more?

The place to start is by making sure you obtain secure sockets layer protection from a reputable and reliable source. From there you can implement additional layers of protection (encryption, compartmentalization, monitoring, etc.) to secure interactions with customers and keep stored data safe from breaches.

Consumers should also be apprised of potential threats to security posed by cyber criminals engaged in spoofing legitimate websites. When your customers understand threats and how to combat them, you can not only increase security, but also help customers to feel safe interacting with your company online.