If you run a online business, you are sure to use Google AdWords. Perhaps this is one of the main traffic sources on your site, so the last message you want to see is "Your account has been suspended ...". And yet, you can expect it if your site is not SSL-secured.
Google AdWords requires an SSL certificate for pages where all numbers are collected, including credit cards, bank accounts, transfers, IDs, health insurance number, etc. So if your website includes a site where such data is collected, such as checkout page, you should have SSL deployed.
Google cares about the security of the Internet seriously and is consistent in it. We see how different stages of the solutions are being implemented. We all know the rules of Chrome since January 2017.
The obligation to have SSL for businesses using AdWords is not new, but it is still poorly recognized. This policy was announced on the AdWords blog as early as in May 2011.
Since the principle of SSL for sites with checkout pages is valid from 2011, how is it that it is not commonly known? In other words, how advertisers are not using the certificate and still run the campaign?
The basic principles of AdWords in the "Account management and security" section are clear:
According to AdWords rules, websites that send certain personal and financial information must use SSL connections. - support.google.com
There is no distinction between forms of AdWords advertising, which means that this applies to all types.
The SSL certificate requirement, however, is not enforced. With one exception, Product Listing Ads, known as PLA, or Google Shopping. Here the system is restrictive and automatically suspends your account for "Irrelevant collection and use of data". This is probably because the PLA always advertise ecommerce sites, which in turn always have login pages, etc., which ensures that the SSL certificate should be implemented.
As we mentioned, Google is consistent in implementing security rules. Even if it currently controls SSL only for Product Listing Ads, this does not mean that it will not begin to verify pages for other types of campaigns. We can be sure that it will eventually do so. Perhaps Chrome-related activities are a prelude to the form of preparing advertisers to implement the protocol.
The choice of certificates is very wide and prices range from a few dozen to a few thousand USD. However, if you just want to go through Google AdWords (and Chrome) verification, you just need the simplest SSL validation (Domain Validation) certificate. If your site is on a domain and subdomain, and wherever you collect sensitive data, you can save by choosing a Wildcard. If you have multiple domains in turn use Multidomain. In all cases DV validation is sufficient.
Sectigo, formerly known as Comodo CA, is entering the next phase of its transition: it’s replacing Comodo CA roots with USERTrust roots on January 14, 2019. Why it happens and what it will mean to Sectigo customers?
According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.
The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?
cyber_Folks S.A. – Cookie settings