Why SSL Should Be Enabled on Your Website
John M. Haddad
Did you ever look in your browser window and see an “https://” in front of the name of the website? Do you know what SSL is? Should you care?
What’s that extra “s” for? Well, it turns out that the “s” stands for “SSL,” which stands for Secure Sockets Layer — the technology that encrypts your connection to a website, so that hackers can’t intercept any of your data.
So why is this so important? Well, there are many reasons, but I will highlight some of the key reasons for you. I will use HTTPS and SSL interchangeably throughout this post, but they are essentially the same.
It’s better for your customers
It seems every day we hear of hacking incidents where thousands of records were stolen from a company website. The publicity alone is enough to drive company stock down and result in millions of dollars in loss. Your customers are now becoming more and more security conscientious when browsing websites. They will not enter any personal information into a form on your site without trusting that their data is being transmitted securely.
SSL helps to prevent these “man-in-the-middle” attacks and keeps the information secure. Data is encrypted between the customer and your website server. This is especially important for websites that accept credit cards, in fact it’s imperative. But these days, even entering information into a contact form will be important for your customers to ensure data is not compromised.
In summary, using SSL on your website = trust.
It’s better for search
Every second of the day, Google is continuously indexing current websites and new websites. Google’s algorithm requires sites to essentially battle it for top search rankings.
One of the major tiebreakers involved is HTTPS. Google has started to give more points to sites that are HTTPS enabled. If two sites are equal in ranking, the one that HTTPS enabled would get a significant boost over the others.
It all goes back to the idea that Google is constantly solving for the user, and makes frequent changes to its algorithm that create a better experience. Which is why we mentioned it being better for your customers as the top reason.
Google is indexing mobile
It turns out, Google is actually going is staring to indexing mobile, which means that its algorithms will eventually primarily use the mobile version of a site’s content to rank pages from that site.
In order for a mobile site to be indexable, Google recommends several best practices, one of which is to start by migrating to a secure site. Google is also looking at the “mobile friendliness” of the site, but as mentioned above, when all is said and done, Google will rank HTTPS sites higher than HTTP sites.
Browsers will soon be displaying “Not Secure”
Starting in January, 2017, Google’s Chrome browser began displaying a “Not Secure” warning in the browser window for any site that asked users for login information or for credit card information. If you are like me, when I’m about to make an online purchase and see that the site isn’t secure — for example, that the padlock icon in the browser bar is broken or a warning is shown — I navigate my business elsewhere. And I’m not alone. In fact, only 3% of online shoppers say they would enter their credit card information on a site without the green padlock.
That is going to change again in October, 2017. Now, Google Chrome will start showing the “Not Secure” warning on any page that shows a form. So if you have an opt in form for a newsletter or a contact form for a potential customer to get in touch with you, Google will flash the “Not secure” warning on top of the page. Imagine what your customers and potential customers may do. It could result in a huge blow to potential revenue.
Summary – SSL Everywhere
You may hear of this term, “SSL Everywhere”. Essentially any page on your site should move towards HTTPS and SSL security. Google has moved from flagging sites without SSL that take credit cards to flagging sites that are using basic input forms without SSL. I anticipate that in the next year, Google will flag all webpages as not secure. And Google’s Chrome browser is not alone. Many other browsers like Firefox, Safari and Edge have already begun to follow suit.
I’ve spent the past few months moving all of my WordPress sites I have designed and continue to support to SSL. You can see the padlock (or secure indicator) in the browser window of this post along with the https://bisinet.com in the address bar. A few of the older websites will need to be re-developed in the future. Any new websites I design going forward will be developed with SSL implemented automatically.
I hope this article educated you on what the future will bring with secure web sites. Don’t wait till your customers start seeing “not secure” in their browser window to move to SSL. Your competitors are doing this … you should too!.