Has your business website converted to HTTPS? No? Here’s another question: Do you like getting traffic on your website? Because if you haven’t converted to HTTPS, you’re about to lose a lot of it—in fact, you may have begun to already.
This is because of Google’s recent push for websites to adopt HTTPS protocol, which uses encryption to make sites more secure. Currently, Google is primarily flagging non-HTTPS sites that ask for login or financial information as “Not Secure.” However, according to a recent blog post, by July 2018, the Internet’s most widely used browser will start flagging all sites that haven’t adopted the protocol.
Hopefully, you’re already familiar with HTTPS—if not, here’s a brief summary. Websites operate within Hypertext Transfer Protocol (HTTP), which facilitates all activity between web servers and browsers. On webpages that handle sensitive data like contact or banking information, an “S” is added to the protocol, which stands for “Secure.” When transferring to one of these protected pages, the user will see a padlock icon in their browser bar to signify the secure connection. To create this private connection between the user and the website’s server, HTTPS employs a Secure Sockets Layer (SSL) Certificate, which encrypts the connection and prevents intruders from spying on the user’s activity or stealing their information.
Google now wants all websites to convert from HTTP to HTTPS, regardless of what activities or transactions are conducted therein. Why? Because these days, even seemingly insignificant user data can be exploited. For example, aggregate patterns of activity or casually shared information can cause users’ anonymity to be inadvertently compromised, opening the door for malicious intruders to take advantage. Furthermore, unsecured sites make it easy for advertisers to gather user data and use it for targeted ad campaigns. In essence, even if a website’s users aren’t sharing sensitive information, the absence of proper security can still bring risks. As a business website owner, you have a responsibility to provide the most secure space possible for your customers—at least, that’s the way Google sees it.
Beyond the weight of moral obligation, there are major practical drawbacks for websites that haven’t yet adopted HTTPS. First and foremost are the penalties (both direct and indirect) instigated by Google. In addition to flagging sites as “Not Secure” (a lethal form of click repellent), it has added HTTPS as a ranking factor for SERPs, which means sites that haven’t converted are likely to see their positions slip. There are also functional drawbacks to not having HTTPS. For example, web platform features that incorporate audio, video or geolocation capabilities need HTTPS to facilitate the many permissions these applications require. This means non-HTTPS sites aren’t just on the wrong side of Google, they’re on the wrong side of technological progress.
The Internet is moving forward, so if you don’t want your site to be left behind, it’s time to take action. To convert your site to HTTPS, you’ll need to add an SSL Certificate to your web server, which you can procure through your web hosting provider. If you’re a NationalWeb client with site hosting through our Pantheon web server, you can get one for free; otherwise, you may have to pay for a certificate—it depends on your provider and their policy. However, even if it costs you a little money, it’s certainly worth the investment to make this critical upgrade to your site.
To learn more about Google, SEO and digital marketing, read our other blog posts.
Want to revamp your business website or launch a digital marketing campaign? We can help!