Do I really need an SSL certificate for my website?
Before quickly dismissing your site as too small to be a target, keep in mind that most interceptions are done electronically without a human deciding who is attacked. A web creepy crawly doesn’t care how big you are or what you do for a living. They have one goal, and that is to find vulnerabilities. Once discovered, its dirty work begins. No site is too small to get hacked.
If you sell products? Probably. If you’re taking credit card payments directly on your website, you definitely need SSL in place to encrypt your customers’ credit card information. However, that doesn’t necessarily mean you need it on your entire site; you might decide to use SSL only on store or checkout pages, for instance. If you use PayPal exclusively to accept payments, you don’t need SSL since customers aren’t paying you directly.
If you offer memberships? Maybe. If you run a membership site, free or paid, SSL might be a good idea. After all, your members are giving you their email addresses, names, and passwords, all of which they likely use on other sites. Do you really want to risk being responsible for a security breach that results in your members’ information being spread across the whole internet?
If your visitors submit sensitive information via forms? Maybe. If your site’s visitors are submitting any personal information, documents, photos, etc. via forms on the site, you might consider SSL to keep that information safe. I won’t even talk about HIPAA compliance as that’s a whole separate issue, but you might be surprised how much information you collect about your visitors even if you don’t sell products or offer.