Recently our team has fielded a lot of questions about website security. Most of the time our clients receive a cryptic email asking “Is your website secure?!” and then inquire if they’ve transitioned to HTTPS.
These messages are often from old web hosting companies or old web designers trying to scare people into new contracts. However, they aren’t entirely wrong. The subject of web security is an important one
If you are a Clear Partnering Group client, this was taken care of a long time ago and you need not worry. Nonetheless, we wanted to spend just a few minutes going over why you should care about making sure your website is HTTPS compliant.
What is HTTPS?
If you don’t really want to read the rest of this article, we can summarize it like this: It’s a legitimate security measure with significant benefits that Google – and the rest of the world – want you to implement. You should just do it.
HTTPS is a web security protocol that’s been around for decades and helps prevent the tampering of the traffic between your website and your users who are on your website. It confirms that your website is not malicious and you are who you say you are. Essentially, it confirms your website has taken the measures to secure your own data as well as protect web viewers.
HTTPS’ primary goal is to secure the information that is sent between a website and a website user.
What if I don’t do anything?
If you don’t do anything, some decidedly not cool things are going to start happening when people visit your website.
Here’s a quick list:
- Most browsers are going to start annotating non-secure sites like this (source)
- Google Chrome is specifically going to show this (see image)
- Some browsers will refuse to serve parts of your website (source)
- Any code requests from Google, Facebook, Maps, and others won’t work anymore (source)
- In rare cases, your website could have ads injected into it by your ISP (source)
- If you have a form on your website, browsers will start telling users your site is insecure. (source)
- In the case of a keyword tie, you could start losing web traffic. (source)
- Every page that is unencrypted could be more susceptible to web attacks.
What are the benefits?
There are actually quite a few benefits to HTTPS.
Here’s a quick list:
- Google does use HTTPS as a ranking signal in search results (source)
- HTTPS allows us to use code that speeds up your website significantly, resulting in Google SEO gains.
- It’s highly recommended and will eventually become the new norm. It basically already is.
- Google’s research shows that load speed is directly related to how long people stay on your site. (see below)
- HTTPS is by definition significantly more secure. Security is a big deal.
Google Research on page speed
Google’s latest research shows that the chance of a bounce increases 32% when the page load time goes from 1s to 3s. 1s to 5s increases the chance to 90% and if your site takes up to 10s to load, the chance of a bounce increases to 123%. That’s incredible. For search engines, better results and performance is a sign of a healthy site that pleases customers and therefore should be rewarded with a higher ranking.
Also, Google has recently gone on record saying that page speed will be a ranking factor in its upcoming mobile-first index. (source)
Long term – Use HTTPS everywhere
Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields. Even if you adopt one of the more targeted resolutions above, you should plan to migrate your site to use HTTPS for all pages. (source)
HTTPS Might Actually Affect Your Rankings
Google has indicated that it can have an effect on traditional search rankings. We know that when Google says to do something, you just do it! When it comes to how HTTPS will affect SEO, Google has basically said, “Yes.” and “No.” at the same time. They’ve mentioned that speed is a huge factor and then when presented with two similar results, the tie goes to the secure site. But website owners shouldn’t expect huge swings in ranking because of HTTPS.
Website security is very important, but it’s not the whole picture. Making sure your website loads fast, engages users, has great content and shares your clients’ stories is also extremely important. Security is obviously important and it’s something we’ve addressed since day one – so this isn’t really a big issue in our minds since the sky is very much not falling.