2017 is the Year of HTTPS – But What Does This Mean for You?
Beginning in July 2018, the Google Chrome web browser (version 68.0) will begin showing this “not secure” alert next to URL’s that have not upgraded from HTTP to HTTPS. When a potential user clicks on “not secure”, they will see the notice that “your connection to this site is not secure.”
HTTPS is a security protocol that uses SSL 2048-bit encryption to protect a user’s connection to the website. This ensures that any data transmitted to a HTTPS secured website cannot be tracked or stolen, and that the data is not corrupted as it is transferred.
Google takes website security very seriously and now provides plenty of motivation for a website owner to upgrade the security of their website.
It is indisputable that having a website to represent your company or brand is a must-have. There is nothing more important than ensuring you are able to connect with users whenever and wherever they are. For many years, Google was (and still is) pushing for sites to become mobile friendly. This has helped improve user experience and accessibility for websites that have made the push to optimize for mobile. Now that this practice is becoming the norm, Google is making yet another push – this time for site security.
In 2014 Google announced that they were going to be using Hypertext Transfer Protocol (HTTPS) as a ranking signal for websites. This means websites that had an SSL certificate, allowing for secure communications over a computer network like the internet, would be ranked more favorably in organic search results. Since communication over HTTPS is encrypted between the client and the server, data such as user information or secure content cannot be tampered with or forged.
In January 2017, Google took the first step in increasing user awareness of secure and insecure sites on the web. This includes more explicit labelling of secure and insecure sites in the Chrome browser as well as other forms of notification to notify users of insecure content.
With such strong push-back on insecure content from Google, it is more important than ever to ensure your site is secure. Here are four great reasons to ensure your site is secure today!
HTTPS is a must for healthy and growth-driven SEO
Like it was mentioned above, Google has publicly stated they use site security as a metric for their search ranking algorithm. This means while your site may have ranked highly for certain keywords in the past, you may be losing traffic to competition that has secure sites.
Google’s Gary Illyes went on record in 2015 to clarify how HTTPS is weighted in the ranking algorithm.
“With the HTTPS ranking boost, it acts more like a tiebreaker. For example, if all quality signals are equal for two results, then the one that is on HTTPS would get … or may get … the extra boost that is needed to trump the other result.”
As Google pushes for site security more aggressively, it can be expected the its importance as a ranking signal will also increase.
Secure sites provide a better user experience
The benefits of having a secure site extend beyond ensuring your site is not labelled insecure by Google. While this demarcation can, and likely will, drive traffic away from your site it is important to remember the ways a secure site benefits your users. If your website collects any user information like account usernames and passwords or emails, it is vital they are kept secure. Credit card and other payment information is also vital to keep secure. A recent study found that users were 84% more likely to abandon a monetary or information transaction if data was being relayed over an insecure connection. Making sure your site is secure ensures that you do not lose potential customers at crucial moments on your website.
Having a secure site lets your users know that you care about their privacy and that their data is safe in your hands. Losing customer data to a site hack is, at best, an inconvenience to your users but could result in monetary and identity theft. Making your website secure affords your users peace of mind and helps build a trusting relationship with your brand.
AMP requires HTTPS
Accelerated Mobile Pages (AMP) are often at the top of search results on mobile devices and are marked with a gray lightning bolt icon. These pages load quickly and are highly visible. While they require additional levels of optimization, having a secure site is the first and most important step towards AMP optimization.
While optimizing for AMP could be its own blog post, Google is also making these pages a priority for 2017.
Updating to a secure site will help future-proof it
Google shows no signs of moving backwards in their push for a more secure internet. As new methods of optimization and site security are created, it is important to stay on top of the current trends. Failure to do so could result not only in lost traffic and revenue for your company or brand but also inflated costs to bring your site up to speed in the future.
If you are building a new site, ensuring your site is secure is non-negotiable. If you need to update your site, your development team or agency partner will be a vital resource in making the transition. 2017 is the year of site security and there’s no better time than now to make the switch to HTTPS!
How can I tell if my website is secure?
The first step you should take is making sure your Chrome browser is up-to-date. To do this, open the Chrome Settings Menu by clicking on the icon with three vertical dots in the upper-right hand corner of the browser’s toolbar. If your browser is out of date, an option to update will be given in the menu options. If you do not see the option to update Chrome, you have the latest version. While most users will not have to manually update their browsers, it is important to double check to make sure you have the latest version. Staying up-to-date will keep your browsing information private and personal data secure.
Once your browser is updated to the most current version, look to the left of the url bar to check if your website or any site you are browsing is secure. If the site has been updated to HTTPS and is secure, there will be text reading “Secure” as well as a closed lock icon in green font color to the left of the url. If a site is still using HTTP, this text will instead be a lowercase “i” in a circle. Clicking on this will open a drop-down list that will warn you of any potential security and safety vulnerabilities on the site you are currently browsing.
These options are available in Chrome browsers that have been updated to at least v.62. Since the browser auto-updates, most users will be updated to the most current version. Any version after v.62 will still include all the security updates and features needed to ensure you are browsing safely and able to check the security of every site you are on.