This summer, the Google Chrome browser will flag sites that are not using HTTPS encryption. (A simple check within your web address bar to see if your website URL starts with https:// will let you know whether you need to take action or not.)
The change will affect every site on the web and more than a billion people who use Google Chrome around the world. That’s a billion+ people who might soon think twice before exploring your website.
What is HTTPS?
HTTP stands for Hypertext Transfer Protocol and refers to a standard way of sending and receiving data on the Internet. HTTPS, on the other hand, stands for Hypertext Transfer Protocol Secure. This means of sending and receiving data is private and secure.
More than 80% of the top 100 sites on the web now use HTTPS.
If you use Chrome, you may have already noticed that some sites have been marked as unsecure, signified by a warning icon in the address bar, like this:
Encryption – prevents anyone spying on your visitors, tracking their activity across multiple sites, or stealing their information.
Data integrity – for example, a transaction of $100 does not mysteriously become $1000 by the time it reaches the other end. HTTPS prevents anyone tampering with data in transit.
Authentication – proves that your visitors are communicating with your website, not with someone posing as you or your organization.
Why is using HTTPS important?
Google aims to make using the web safer by encouraging website owners to use strong protection to protect web users.
Sending and receiving data over the Internet could be likened to delivering and receiving physical mail. Data is, in fact, sent in “packets.” HTTPS ensures that the packets are delivered without an unwanted detour, and that the right person signs for it at the other end, adding “for [recipient]’s eyes only.”
HTTPS is not going away, so you’re not going to be able to sit this one out. Protection on the internet is only going to become more stringent. It’s best to get onboard with it now to stay in line with this important update to the way we use the net, and to continue to provide the best experience possible for your visitors.
How the Non-Secure Label Can Impact Your Business
Being able to demonstrate that your site is secure is especially important for e-commerce sites or sites asking for donations, where transactions are conducted over the web. Sites that ask for emails, to join a subscriber list, for example, have already been targeted by these changes.
Even if you don’t ask for email addresses or handle financial transactions, however, you should make sure that your site is secured with HTTPS. Why? With Google’s plans, not doing so will be like hanging a sign above the virtual door that says: “Enter at your own risk.”
Do you really want to place doubt in the minds of prospects from the onset?
A non-secure site is likely to suffer a loss in the following areas:
Trust – If you’re not taking care of security, you’re not looking after your visitors. Even if you don’t think that you need security for your site, (because you are only sharing content, for example) and even if that is true, having an non-secure website will make it look like you don’t care enough about your visitors to ensure their safety.
Rankings – HTTPS sites get a slight increase in search rankings. If all things are equal, the site with HTTPS would receive a small boost in the rankings.
Where you appear on a search results page can dramatically affect your traffic, so it’s worth taking this step to give your site the best opportunity to rank well.
Professionalism – Having what looks like an error appear on every page of your website looks unprofessional. You may feel that not securing your website is a choice, but to your visitors, it may look like an oversight.
What You Can Do to Secure Your Website
You provide this level of security by obtaining a digital certificate from a certificate authority.
The good news is that it doesn’t have to be difficult to make your site compliant with HTTPS. In some cases it can be as simple as clicking a button in your content management system (CMS). You just need to know where to find that button.
Let’s Encrypt aims to make securing your website as easy as possible by allowing anyone free access to the relevant digital certificates required. And you can find out more about securing your site with HTTPS on Google’s support pages.
In most cases, however, it might be best to work with your current website administrator or hire a web professional. Then you can rest assured that your site is ready for the change by June 2018.