GOOGLE have been encouraging web developers, businesses and organisations to move towards more secure sites for a number of years. From this month, the search engine will implement measures to highlight any website that is flagged as unsecure on their Chrome platform.
This means that, if your site doesn't have SSL (Secure Sockets Layer) encryption, you are likely to find yourself at a disadvantage.
HTTP vs HTTPS
In simple terms, if your web address starts with HTTP then it will be considered unsecure and flagged as such. It's been around four years since Google decided that HTTPS should be the preference for all sites and committed itself to using search rankings as a way to promote higher security across the board. The company report that a large proportion of sites have moved to HTTPS and half of downloads on Chrome are now serviced via this protocol.
Up until now, the security of a connection has been shown in the address line to warn people if there is a problem with the site they are trying to contact. HTTP connections have routinely been classed as neutral. From July they will, however, be tagged as being unsecure with a red danger sign. Obviously, if you are a business that currently doesn't operate a secure website, this could have a huge impact on user engagement, including sales and conversions and is likely to already have an adverse effect on your organic site rankings.
The benefits of HTTPS
Even if your business is not collecting or handling sensitive data, (if you have a contact form on your site that collects a person's name or other identifying data, then according to the new GDPR regulations, you are handling sensitive data) it now makes sense to make sure you have HTTPS rather than HTTP. If you do handle personal information, it's absolutely vital that you switch if you want to keep user data secure.
HTTPS isn't just about stopping hackers and other intruders from getting into your site, it comes with a whole range of the latest security features. A hacker will, for instance, intercept unprotected communications so they can then trick users into giving up more information.
There can be thousands of different bits of data that are moving back and forth between your site and users on a daily basis, all of which give intruders the chance to capture and leverage it. Many hackers will aggregate or collect lots of bits of information to help them in their nefarious activities. That means over time your unprotected site may well be used to gather a range of data that can be used to scam your website visitors.
The future of websites is HTTPS and over the next few years it's anticipated that most websites will switch to it. The change in notification for Google Chrome is a more aggressive approach to ensure that this happens sooner rather than later and you can expect it to roll out with other browsers.
What is an SSL Certificate?
To implement HTTPS you will need to purchase and apply an SSL certificate. There are levels of security that you can choose depending on the type of website you have, for example, whether it's a single domain, you have multiple sites or multiple subdomains. Ideally, you want to choose a reputable provider and one that has a good helpline if you have trouble with implementation on your sites. Most have excellent guides that will walk you through the process.
Applying an SSL certificate to your website is not as complex as some will lead you to believe, nor should it cost the earth, but it looks like for Chrome traffic, it will be invaluable!