Recent events related to cyber security are clear indications that we need to protect our websites from vulnerabilities. If you manage your company’s website, you don’t need convincing that it’s imperative to safeguard against potential threats.
HTTP vs. HTTPS websites
It’s standard web security practice for a site to be SSL secure – or HTTPS. Installing an SSL certificate creates a secure (or encrypted) connection between a user’s browser and the site’s server.
In other words, it protects the information visitors to a site might be sharing. This includes confidential information like passwords, personal data, medical data, proprietary information, etc.
This added layer of security creates trust. It gives visitors the assurance that anything they share with isn’t being intercepted and – at the same time – assures website owners that the data transmitted is legitimate.
A no-brainer, right?
Surprisingly, only 25 of the world’s top 100 websites use HTTPS vs. HTTP by default, according to Google’s Transparency Report, HTTPS encryption on the web.
Having a secure website goes far beyond encryption to protect data though. Today, your online marketing efforts can be affected by this single (albeit very important) standard practice.
Google is favoring HTTPS websites
Google has proven its commitment to safe browsing and secure connections by making some major changes in Chrome.
In 2014, Google announced that it would favor sites that use HTTPS over those that don’t in search engine results. That means if your site isn’t SSL secure, you could be ranking lower than your HTTPS competitors. Secure sites received a boost, although it’s a lightweight signal in the grand scheme of their search engine algorithms.
As we look back, this “HTTPS boost” may have been priming us for the 2017 updates.
2017 HTTPS updates in Google Chrome
As of January 2017, with the Chrome 56 update, HTTP (not secure) sites are more clearly and accurately labeled as non-secure based on increasingly stringent criteria (Google Security Blog). A “NOT SECURE” warning is also shown when users enter their information in a form on an HTTP page.
And it doesn’t end there…
Starting October 2017, the HTTP security indicator will change from the neutral exclamation point to the red triangle used for broken HTTPS.
They say this warning is part of a long-term plan to mark all pages served over HTTP as “not secure.” Here’s a peek at what Google has in store for those HTTP pages:
Changes affect search engine rankings and lead generation
If your website isn’t secure, it’s not just affecting your rankings is search engines anymore. It’s likely going to play a role in users entering data (or not) on your site.
The reasons for properly securing your website are piling up and can’t be ignored much longer.
Alicia Hale, emagine’s VP of Digital Marketing says, “Now is the time to make sure your site is HTTPS. People will be less apt to visit your website if they see that “not secure” message and it’s going to hurt traffic volume.”
If you’re ready for the October update, kudos to you! If not, let us know if you need help setting up an SSL certificate by reaching out to a Web Specialist.