As already cautioned in the last few years, Google have been making gradual moves towards a more secure web, by marking a larger number of HTTP websites as “not secure”. A secure site clearly displays the padlock symbol in the address bar, whilst a site without the SSL certificate has an info symbol.
The latest update on Google’s security blog, now states that with the release of Chrome 68, in July this year, Chrome will mark all HTTP sites as “not secure”, even if they are just brochure or informational sites with no eCommerce or form filling functionality. Here is how your website will look if you are not secure after July 2018:
Why is going secure so important?
As we have mentioned in previous blog posts, visitors to your website will be deterred if your site is not secure. Here is some further information:
1. HTTPS protects the integrity of your website
HTTPS helps prevent intruders from intercepting and tampering with the communications between your website and your users’ browser. Intruders mean intentional and malicious attackers, but also legitimate companies, such as ISPs or hotels that place ads into pages.
Intruders exploit every unprotected piece of information that travels between your website and your visitors. Images, cookies, scripts, HTML, text … they’re all vulnerable. These breaches can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP.
2. HTTPS protects the privacy and security of your visitors
A secure website (HTTPS) prevents hackers from being able to ‘listen’ to communications between your website and your visitors.
Don’t fall for the common misconception that HTTPS is only needed by those that handle sensitive communications (credit card purchases or form filling). Every unprotected HTTP request can potentially reveal information about the behaviours and identities of your users. Although a single visit to an unprotected website may seem like a harmless action, some hackers look at the aggregate browsing activities of your users to make inferences about their behaviours and intentions.
3. HTTPS for future functionality
New web platform features, such as taking pictures or recording audio with getUserMedia, or building progressive new web apps, require the explicit permission from the user before the function can be executed. Many older APIs are also now being updated to require permission to execute, such as the geolocation API. HTTPS is a key component to the permission workflows for both these new features and updated APIs.
4. Google Prefers HTTPS
If you rely on organic traffic from Google, this is as good a reason as any to make your website secure. Although hard to pinpoint the strength of this as a ranking factor, you can be sure that if you and a competitor are neck and neck in the rankings and their website is secure and yours is not, they will come out on top. As users become more aware of online security, they will certainly not spend time on an insecure website either.
What are you Waiting for?
There really is no good reason now to hold back any longer, a secure website makes sense on every level. If you would like any advice or help with moving to HTTPS, give one of our team a call on 01793 766040.