If you’re reading this, it’s very likely your website hasn’t been converted from HTTP to HTTPS. It’s cool, I’m not here to judge – life gets in the way. But here’s the deal: HTTPS is now a must. What was once optional has become a not-so subtle mandate from Google itself (yes, that Google). It’s time to hurry up and get with the program already.
The Backstory
Let’s rewind the clock. For years Google has championed a safe, protected and private online experience for everyone, regardless of the website visited, its contents or the user accessing it. This has always been a hot-button topic among we techies, but largely ignored by those outside of the web development community.
So Google upped the ante and pushed all-in: the security of a website (or lack thereof) became a search ranking factor in their algorithm. No more theoretical discussion or debate – it’s real. Secure websites, those with a designation of HTTPS, display higher on a SERP (Search Engine Result Page) than their non-secure HTTP competitors – end of story. We now have your attention.
What Is HTTPS?
In the simplest terms, Hyper Text Transfer Protocol (HTTP) is how information is exchanged and transferred over the web. HTTPS is the protected version of HTTP – the “S” stands for “Secure.” Just think of it as Superman (or Supergirl), here to ensure the integrity of a users’ interaction with your website. Aside from the website address beginning with “https://”, you can easily identify a secure site by the padlock icon in the browser’s address bar.
SSL (Secure Sockets Layer) and its big brother TLS (Transport Layer Security) are the technologies that make it all work. In short, SSL/TLS provides a protective layer that secures the connection between a web browser and a web server. By scrambling the signal (so to speak), and encrypting the data exchange, SSL/TLS security ensures all information is transmitted securely. Without this protection, the web pages you visit and the data that’s being shared back and forth are wide open to those savvy enough to capture it. Yikes.
Evolve or Perish
For obvious reasons, SSL/TLS has long been the standard for financial institutions, web commerce and any site that collects sensitive information, such as social security numbers. Think about it: you wouldn’t input your credit card information into an unsecured website any more than you would leave your car keys in the ignition overnight. Online banking and shopping wouldn’t exist without encryption.
Related: A Simple HTML Guide DIY Basics
But why stop there? As the web continues to evolve, enhanced data integrity and web visitor privacy has become a major focal point of the conversation. The medium is rapidly evolving into an environment where all website interactions are secure. The responsibility falls on business owners and their web partners to make certain their playing by these new rules.
To help speed the movement, Google’s Chrome web browser has started to label websites without data security as “not safe.” All the other major browsers – Firefox, Safari, Internet Explorer, and even the new Microsoft Edge – are quickly following suit. The idea is to give the user all the information they need to make an informed decision before they interact with a website. Perception is reality; do you want your business to be viewed as unsafe by your web visitors? Of course not.
Marc Bruxelle/Shutterstock.com
The Benefits
Aside from avoiding the cruelty of public shaming, here are several key advantages to HTTPS:
- Confirms the authenticity of your website and domain
- Provides an SEO bump and improves Google rankings
- Protects the users’ privacy
- Builds customer confidence and brand trust
- Prevents ‘middle-man’ attacks, where data is hijacked, compromised or corrupted
- Reduces malware injection and/or distribution
Now What?
You’re convinced and ready to make the big switch – that’s awesome. The benefits far outweigh the challenges. So, what do you do?
There are plenty of DIY (do-it-yourself) projects in the Web-O-Sphere, but this endeavor is not one of them. It’s a complicated undertaking with a number of moving parts: the purchase of the certificate itself (and there are several different types at a variety of price-points), domain verification, server-side installation and configuration, the actual URL migration and redirection, testing, troubleshooting, re-testing, etc. It’s just not a quick and easy fix. A few wrong moves, and you’re in a rats-nest of trouble.
No worries – at Ironmark we’re here to help. You deserve a trusted partner with the technical know-how to research, advise, consult and, if needed, lead the charge. No two HTTP to HTTPS conversions are the same; you have a business to run, so just fill out the form below to schedule a conversation or get in touch any time. The integrity of your website has never been as important, so let’s get started.