Google has been advancing the cause of a secure web for several years now. Chrome has been marking more and more HTTP sites as ‘not secure’, where they ask for passwords or credit card details, but in July 2018, they’re stepping this up to any HTTP site. This means that when chrome users come to your site, they will see a ‘not secure’ warning in the address bar. The real risk of not encrypting your site, if you’re not collecting any customer data, may be low but the impact on consumer confidence is high.
Why HTTPS? Users don’t even log in to our site!
If users send data to your site without encryption, it can be intercepted or modified by a third party. You’re probably already aware of that. If you don’t want to see your business on the nightly news for breaches of customer information, you’re probably already using HTTPS. If you’re just serving information about your company, you may not see the point in getting an SLL certificate. Stealing customer data isn’t the only risk to HTTP though. HTTPS also secures the information you transmit to the customer, being the page itself. HTTP sites do have a risk, however slight, that a third party could intercept and modify your page as it’s sent to the customer. That means customers can’t completely trust what’s on your website, and neither can Google.
Google Loves a Secure Web
In general, Google has been pushing sites to move to HTTPS since around 2014. Google never reveal their search ranking algorithm secrets. Given their enthusiasm for a secure web, there’s a strong chance HTTPS is a factor. Google penalise your site for serving malware, being slow or being mobile unfriendly, so it’s a good bet they’re pushing down sites which are not encrypted. In fact, they confirm in their Webmaster Guide that “Google uses HTTPS as a positive ranking signal.”
If you think this latest development is heavy-handed, they have announced that in future they will move to a red exclamation warning for all HTTP sites. The message is clear. It’s time to sort out your HTTPS SSL certificate.
The Easy Way to Avoid Awkward Customer Questions
There’s one easy way to avoid all of this – get an SSL Certificate and move to HTTPS. Whatever your feelings on google or encryption, they’re slowly but surely pushing us all into this.
To get started, pick which SSL certificate type is right for your site, get it installed and get your site configured to always use HTTPS.
If you’d like a hand with the details, just get in touch: