We all want a safer web. A web that provides peace of mind over the fears of cyber-attacks and identity theft. As consumers, we do what we can to mitigate risk, but there are factors beyond our control. Webmasters and IT teams have a responsibility to deliver a secure experience. Still many companies have been slow or reluctant to take the necessary steps. They are missing a valuable opportunity. There are rewards available for securing your website, but the opportunity won’t last forever.
The Call for a Safer Web
Google made a call for “HTTPS everywhere
” at their annual Google I/O conference in 2014. Their plea is that all websites should use the HTTPS protocol instead of the less-secure HTTP. A valid HTTPS implementation provides encrypted data transmission between the website and its users. This security layer is a major asset in the prevention of cyber-attacks and data theft. The more common HTTP protocol does not provide encryption leaving websites and users vulnerable.
There are two key steps to enable HTTPS for your website. You must buy and install a valid SSL (secure sockets layer) certificate and update configuration on your web server. HTTPS with SSL provides authentication by verifying your web server's identity. It also offers protection against third-parties from spoofing your website. These are in addition to the data encryption feature mentioned above. These clear benefits make sense for every business to take advantage of yet the truth is that most do not. Common reasons are because they have never been victims of an attack or they fail to see themselves as a target. They can’t see the value and thus cannot justify the cost and benefit of moving to HTTPS. This approach is shortsighted and risky. Google knows this and is offering incentives to persuade businesses to take action.
The Rewards for Securing Your Website
Google is now giving HTTPS-enabled websites a lightweight boost in search rankings
. Savvy marketers and website owners know the value that search engine optimization (SEO) provides. They also know how difficult and expensive it is to gain advantages in SEO. This specific advantage is one of the simplest to acquire. Don't let the fact that it is "lightweight" diminish its value and importance. In the same announcement, Google mentioned that while the impact is lightweight now, they may strengthen the boost in the future. This position makes sense as they continue to encourage webmasters to switch to HTTPS.
Google has recently taken additional steps towards a safer web. Their search index will now use the HTTPS URL for search results
whenever one exists. While indexing a site, they are checking to see if a URL with the HTTP protocol also has an HTTPS equivalent. If it does, it will use that one as the search result link instead of the HTTP version. They want to present users with most secure experiences possible. It is important to know that if there is not an HTTPS equivalent, there is no penalty enforced. When the news concerning this was first release, there was some confusion.
The Risk of Not Taking Action
The push for a safer web is also extending beyond search engines. Google is taking action with their popular Google Chrome web browser. According to a report by Motherboard
, Google Chrome is moving toward displaying all non-HTTPS sites as unsecured. This action is confirmed on the Chromium project website
. Browsers currently only display sites that are using invalid HTTPS as unsecured. They also only show sites using valid HTTPS as secured. HTTP sites are currently not marked as secured or unsecured. This change is what Google Chrome is implementing. While this change may seem insignificant, I assure you it is not. With cyber-crime becoming so prevalent today, many consumers are on high-alert when it comes to browsing the web. This signaling that a website is unsecured can have a detrimental impact on consumer trust. With trust, a key factor in purchasing decisions, a lack of it has a definite impact on revenue.
Google Chrome is the only browser publicly reporting to take action as of now. Though Chrome is only one of the web browsers available to users, it is largely the most common. The latest browser usage stats
show 47.8% of worldwide browsing happens with Google Chrome. That is almost four times more than the next closest browser which is Safari at 12.9%. These stats prove the impact that Google’s actions can have on your website users. The other vendors are not publicly reporting any actions yet, but I expect they will follow suit soon. They too will get on board with this initiative for a safer web.
The Opportunity will be Gone Tomorrow
The rewards of having a secure site are in both the advantages gained and the damages avoided. The advantages are the boost in search engine ranking signals and increased consumer trust. The damages avoided are being identified as an unsecured site and presenting vulnerabilities to cyber-attacks. Those issues impact a businesses’ bottom line in many ways.
These benefits are not available forever, though. What is an opportunity today, will be a requirement tomorrow. Google will continue to push the agenda for a more secure web, and others will join them. To make the most of this opportunity, you must act swiftly; before your competition does. If your competition has already taken action, you need to catch up. Otherwise, they will continue to hold an advantage over you.
This post is focused on the business rewards gained from having a more secure website. It should not be ignored that the overarching benefits are for everyone, including you and me. A secure web delivers peace of mind and increased security in this widely connected world.