Don’t get Flagged by Google for Having A “Not-Secure” Website
According to Cybersecurity Ventures, cybersecurity damages will cost the world over $6 trillion annually by 2021. As a small-business owner, you may think your website is safe from attack. . . but you’d be wrong about that. Hackers target all kinds of websites with “bots” that collect your information and your potential customer’s data.
That’s just one reason why, over the past two years, Google has decided to make it a priority for websites to move to HTTPS encryption with SSL certificates. SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
Google is not saying it’s mandatory, but really, in so many ways, it is. If you don’t have the SSL certificate, a secure connection cannot be established, which means, your company information will not be digitally connected to a cryptographic key. The SSL Certificate has the following information:
Name of the holder
Serial number and expiration date
Copy of the certificate holder’s public key
Digital Signature of the certificate-issuing authority
Last year, Google began officially warning website owners that non-HTTPS sites would incur consumer messaging that identified the site as non-secure. When Chrome 68 is released in July, they will start doing just that, as the non-secure flag is built into the release of Chrome 68. Any websites that remain on the HTTP non-secure protocol will be flagged with a warning of “Not Secure” in the URL bar of the surfer’s browser.
If you think Google is being unreasonable, let’s take a look at why it’s important to your business and your customers that you have a secure website.
Securing Sensitive Information
You may think that if you’re not making payments on your website, then it’s all good. But almost all of us have lead-capture forms, search bars, and contact us forms on our sites, and I don’t know about you, but I still feel my name, email address, and phone number are sensitive pieces of information that I don’t just give to anyone, and your customers feel the same way.
When you make an HTTP connection with a website, that connection is not secure. That means that anyone can eavesdrop on the connection and steal or manipulate any data passed back and forth. Let’s look at the way the Internet actually works in terms of the way information is sent. The information you send on the Web is passed from computer to computer before getting to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted. When an SSL certificate is used, the data being sent is encrypted, which means the information becomes unreadable to everyone except for the server you are sending the information to. That essentially makes it worthless to anyone without the corresponding key. Beyond security, HTTPS also blocks ISPs from injecting ads on your website.
It is impossible to escape the rising tide of cybercrime if your website doesn’t have an SSL certificate. Hackers will identify weaknesses in your network to capture data when it is being transmitted between destinations. They will also find ways to inject ads and use your site to funnel information through it.
HTTPS Establishes Trust and Builds Brand Power
With SSL certificates, your customers will see visuals like a lock icon and a green address bar that indicates well-trusted encryption is in use. So customers will know their information is safe if they decide to sign up for your newsletter, fill in a form on the Contact Us page, or use the search bar on your site. Having credibility with your potential customers is most likely one of your most valuable assets as a company with a virtual presence.
Google has the most used web browser in the world and it’s also the largest search engine directory, which means they have enormous power when it comes to changes on the Internet. So, again, while they aren’t making the HTTPS designation/SSL Certificate mandatory, it’s safe to assume that a security warning label on your website could lead to drastic fallout in the number of people using your website. That warning could also decrease the number of times consumers spends on your site, increasing bounce rates and click rates. All of that will eventually contribute to decreased search engine rankings and less traffic to your site. So all of the time and money you’ve put into getting people to your website could potentially have been wasted if you don’t secure your site with an SSL certificate.