Why Make Your Website HTTPS?
In 2014, Google announced that it was encouraging everyone to switch from HTTP to HTTPS, and made
clear that doing so would have positive impact on a site’s search engine ranking. Since then, more
and more companies have completed this migration as part of their threat and vulnerability
management strategies.
Why make your website HTTPS? Simply put, it’s more secure, and while it was once reserved only for
websites that accepted credit cards or collected other types of sensitive data, the growing
consensus is that, as Google’s Pierre Far said three years ago, “all communications should be secure
by default.”
What IS HTTPS?
Let’s back up a minute and talk about what HTTPS is and how it differs from HTTP. The latter stands
for Hypertext Transfer Protocol, and it’s the means by which a client or end-user communicates with
the server, which houses the website the client is viewing. Through this channel, information passes
back and forth so that the user can browse and interact with the site. However, this channel is not
secure, meaning that while information passes through the network on its way between client and
server, it can be seen and even tampered with by others. Even when no sensitive data is being
transferred, the website the user interacts with can be modified by a third party—with malware or
unsanctioned ads being inserted into the site.
HTTPS (the “S” stands for “secure”) provides a level of threat and vulnerability management to both
users and servers by encrypting the channel through which data travels. Thus, would-be hackers are
effectively blocked from eavesdropping or meddling with the information. The encrypted channel is
created using Transport Layer Security (TLS), which used to be known as Secure Socket Layer (SSL).
Today, older versions of SSL are widely considered obsolete—they’ve experienced various security
issues—and newer TLS versions are significantly more secure.
What Can HTTPS Do for You?
Making the switch isn’t as simple as just pointing your browser to a new domain name. There are
multiple steps involved and it can be tricky to navigate, especially if you’re an inexperienced
user. However, this should be no deterrent, because HTTPS has three distinct and important
advantages over HTTP:
Boosts in Confidentiality and Confidence
At its heart, online security is about confidentiality. By blocking hackers from seeing or
interfering with transferred data, a user’s personal details, browsing history, financial
information, etc., both the site and its users are protected from threats such as data theft and
virus attack.
Think you’re immune? Make no mistake: every organization and every individual who uses the Internet
needs to be concerned with online threat and vulnerability management. A 2015 report released by White Hat Security indicated that a
staggering 86% of websites contain at least one serious security vulnerability. And in a 2015
article, Forbes reported that IBM President and CEO Ginni Rometty described cybercrime as “the
greatest threat to every profession, every industry, every company in the world.”
An Authenticated Experience
In addition to creating a secure environment for your users to interact with your site, when you
make your website HTTPS, it gives visitors a huge boost in their confidence in your site’s security
measures. More and more users are learning to look for the little padlock next to the address bar,
which signifies to users that the site employs HTTPS (as does the https:// that precedes the
website’s address in most browsers). When users see those signs, they know that they’re viewing the
website exactly the way the site’s owner intended. That’s because HTTPS assures users of the site’s
authenticity and protects the integrity of the data that passes back and forth.
Importantly, users also experience a deepened level of trust in the website, and by extension, the
website’s owners. And while users may not always know to look for the signs that a website uses
HTTPS, major browsers like Chrome and Firefox are beginning to roll out a threat and vulnerability
management strategy that will eventually include clearly labeling ALL HTTP sites as “Not Secure.”
So, for most websites, it’s a matter of when, not if, they’ll make the switch to HTTPS. When you
make your website HTTPS — even if your site doesn’t collect sensitive data — it lets your new and
existing customers know you value their security and privacy.
Improved Rankings
Just like when any website that migrates to a new server or makes changes to a site’s domain
details, our site will experience a slight dip in Google rankings immediately upon making the
switch. However, given that Google ranks HTTPS sites HIGHER than HTTP sites, the switch will
eventually boost our rankings beyond what we could achieve without migrating over. Remember, your
ability to be found by customers online is directly dictated by your Google rank, and switching from
HTTP to HTTPS is a relatively straightforward way to boost your SEO results.
However, the increase you’ll experience will vary depending on the size of your site, your
industry, and many other factors, so transitioning to HTTPS should be just one tactic in your SEO
strategy toolbox. It is anticipated, regardless, that the degree to which HTTPS boosts rankings will
only increase over time as Google and Mozilla strengthen their campaigns to eventually end the use
of HTTP.
Making the Switch
When you make your website HTTPS, it can be a tech-heavy, intricate process, especially for larger,
more complex websites. It requires many steps, communication with various parties, and a good deal
of back-end work. Despite the work involved, we want our customers to know that we take online
threat and vulnerability management seriously at every level, and that’s why we are switching to
HTTPS. We aren’t just walking the walk, we are talking the talk, taking the same steps to secure our
website that we’re recommending to other organizations.
If you’re concerned about your organization’s network security, call us. We’ll be happy to visit
your workplace and provide you with a comprehensive, Complimentary IT assessment!
Leave a comment!