Is your website HTTPS?

posted in: Security 0

The ‘S’ in HTTPS (Hypertext Transfer Protocol Secure) indicates the security and safety features for your website. It shows your visitors that your website and the traffic coming to and from it are protected by an SSL (Secure Sockets Layer) certificate; this is a digital certificate that helps in offering strong encryption and a secure connection to your website.

In July this year Google released the latest version of its web browser Google Chrome (version 68), which now highlights all websites without an SSL certificate. Although an SSL certificate is not a legal obligation and doesn’t affect how a website functions, it does provide a visitor with assurance that personal information that they are typing into the site is being instantly encrypted.

With this latest version of Google Chrome, even if your website is only a ‘brochure site’ or a blog, Chrome will display a ‘Not Secure’ message if you do not have an SSL certificate.

You may not require a visitor to input any personal data, but in the light of public concern over internet security, it’s likely the message will cause them to consider your trustworthiness. Put yourself in your visitors’ shoes – if you saw this message, would you feel totally confident about working with your business?

 

With that in mind, here are our five top reasons why you should have an HTTPS address right away:

  1. Increased Google Rankings – Google wants to ensure the best user experience for their customers, so understandably they don’t want to send searchers to insecure sites. Because of that, their ranking algorithm factors in the HTTPS status of sites.
  2. Improved Security – keep everything safer and more secure is simply a better option for everyone
  3. Updated Browser Labels – you do not want your website to be labelled as ‘Not Secure’ in the Chrome URL bar.
  4. Increased Conversions – while users may not have a complete technical understanding of secure connections, they do understand that they want a site to be HTTPS if they are providing personal information. Google Analytics is already reporting a difference in conversion rates between HTTP and HTTPS sites.
  5. Increased Customer Confidence – a secure connection gives your customers peace of mind that your website can be trusted, and their information is safe.

For more information on HTTPS we recommend this article from ESET –  Majority of the world’s top million websites now use HTTPS

If you would like to purchase an SSL certificate for your website, please contact us at customerservices@actystems.co.uk.

 

But not everyone uses Google Chrome, right?

True, there are other web browsers out there, but Chrome is the biggest and it continues to expand its market share. According to statistics published by Statcounter Global, Google Chrome represented nearly 60% of the world browser market as at March 2018 (http://gs.statcounter.com/browser-market-share), leaving the other major browsers trailing in its wake.

Can you afford to risk dissuading 60% of your web traffic from opening your site?

Where leaders go, others are sure to follow, and there’s every reason to anticipate that other web browser companies will soon introduce similar policies, making this a standard protocol. And from here of course, the next natural step will be to mark non-SSL sites in the search results.

What should you do?

Our recommendation to anyone with a website is to make sure it has an SSL certificate installed. Purchasing a certificate is easy but installing it on your website may require some technical knowledge. Adjustments may be needed to ensure the website continues to work as it should – so you’d be well advised to ask your hosting company or web developer to install it for you.

Check if your hosting company provides a free solution such as Let’s Encrypt, a free certificate which renews automatically. If they don’t, you might want to consider using Cloudflare, a security solution that sits in front of your hosting platform. It’s not ideal, because it doesn’t encrypt everything between browser and server, but it does enough to prevent the ‘Not secure’ message from being displayed. If you choose this option, you’ll need to repoint your domain, so some technical know-how will still be needed.