A change recently passed through Google that will, and has already, drastically affected millions of websites not using HTTPS. Simply put, starting January 2017, Google Chrome started tagging sites that are not using HTTPS as non-secure websites. This means that if you have a website that collects usernames, passwords, credit card information, etc., you will be marked as an unsafe website when the end user is using it. As of March the most recent versions of the Firefox browser (v. 52) also warns when you try to enter passwords or sensitive information on non-encrypted websites. An SSL boosts the trust and credibility of your websites and ensures secure browsing. If you have not got an SSL on your website it’s time you do.
Some are cheering this move as one that will make the web more secure and keep data hackers in check, while others see it is as an unnecessary and detrimental move by Google that will impact power users that run websites but also the not so techie small business owner.
What is HTTPS?
At this point you might be wondering what is HTTPS and why is it important for you as a business owner. HTTP stands for HyperText Transfer Protocol and is a language (or protocol) that is used for getting data from a web server to a client and vice versa. HTTPS is another type of web protocol but is the Secure version of HTTP (HyperText Transfer Protocol Secure). The back and forth between the web server and client is somewhat of a conversation. Using an non-secure protocol such as HTTP, that conversation between the web server and client can be intercepted easily by third parties not be authorized to see it.
Why Use HTTPS over HTTP?
The information is typically not of concern, but in some cases, there is an exchange of more sensitive information such as usernames, passwords, credit card information, etc. By using a protocol like HTTPS, a layer of security is added over that to protect the exchange of information that is happening. HTTPS will always be a better option for your website if available and gives your users better level of protection. Your users expect a level of security and protection when engaging with your website, so give it to them. In the past websites that had the HTTPS protocol were indicated by showing a green Secure marker and lock in the website address bar and websites that used HTTP, a non-secure protocol, simply had a neutral icon. This has now changed to indicate the level of security (or lack thereof) from website to website.
What Does This Change for HTTP Websites?
Moving forward Google will indicate a Not secure icon in address bar to let users know exactly when a website is not secure, not using a secure protocol. See an example of this below;
Google’s goal is to help users browse the web and engage with their web browser in a safer manner. These changes are a part of a gradual restructuring of how Google processes and takes in information and data. During their development of this new rollout, they reviewed studies which demonstrated that users did not see a ‘lack’ of a secure icon as an issue. This means many users could be browsing the web without any reservations when there is cause; using non-secure protocols could lead to a number of issues including, but not limited to, identify theft or stolen online accounts. This was one of the primary drivers in making the alert in Google Chrome more noticeable.
How Do I Get HTTPS?
There are two steps to the process to make sure that your website remains unaffected by the change and that you a secure HTTPS protocol on your website. First you will need to get an SSL certificate. Depending on the hosting company that you use for your website, your SSL certificate could be as much as $149.99 or as little as $74.99. If you’re not sure that your hosting company offers SSL certificates, check and find out. If they don’t you might want to consider another hosting solution for your WordPress website. Once you have your SSL certificate purchased, the second step is to review your website, make sure there are no elements which are incompatible with HTTPS, fix the ones that are not and then install your SSL certificate. Once your SSL certificate has been successfully installed, you will be able to proudly wear your green secured lock in your Google Chrome browser’s address bar.
Deciding not to use an SSL certificate and run your website on HTTPS will lead to trust issues on your site, impact your search visibility and rankings ( yes google has indicated that HTTPS is part of their ranking algorithm) and most importantly information passed to and from your website maybe compromised. Since this is only the first step that Google is making towards promoting more secure sites, there is a chance that more penalties maybe imposed down the line. Don’t get caught behind the curve and lose traction for your business as a result!
Need HTTPS? We can help!
One of the benefits of being an experienced web agency is that we already know how to do all of this, and have done it, for hundreds of websites. Even our own website is HTTPS as well as every client that we host on our Website Care Plans. Keeping up with the latest that Google does can be tough sometimes and if you’re updating your own website there are a number of things that can go wrong and possibly hurt your online visibility. Maintaining your website and keeping up the standards that Google rolls our doesn’t have to be hard. Let us help!
Our Phoenix web design company has been a Google technology partner for years, and we have helped small businesses grow since 2001. Find out more about what makes us the best choice for developing your site by clicking here to request a free consultation today!