SSL is the backbone of our secure Internet and it protects your sensitive information as it travels across the world’s computer networks. SSL is essential for protecting your website, even if it doesn’t handle sensitive information like credit cards. It provides privacy, critical security and data integrity for both your websites and your users’ personal information.
Until recently, most website owners have not had to worry about special measures to secure their web pages unless they were conducting eCommerce transactions, or collecting sensitive information such as medical or banking data. But now all that is changing.
Google now officially recommends securing websites with HTTPS, which means that not only will this be important for organizations that want their websites to perform well in search, but more and more visitors will come to expect it.
In short, website security is no longer something for only certain types of websites to worry about – it’s a best practice for all businesses and organizations that want to optimize their search engine performance, establish credibility with visitors, and maintain a professional web presence.
What is a “Secure” Website Anyhow?
Website security covers many areas , but for the purposes being discussed here, it means that the website utilizes SSL , which stands for Secure Socket Layer, a standard security technology that establishes an encrypted connection between a web server and a browser, with the URL being prefixed with “HTTPS” rather than the standard and unsecure “HTTP” (with that extra “S” standing for “Secure”).
Put simply, SSL secures the information that is shared between you (the browser) and the website that you are viewing or interacting with. Any information that you normally submit to a website (or retrieve from a site) is sent as plain text and can be viewed if an attacker is able to intercept the information. SSL encrypts the information that is shared between the browser and the web server, so that even if a user’s information is intercepted by someone who is not supposed to have it they will not be able to read the data.
It’s not hard to understand why SSL has historically been considered a best practice for any website that is processing transactions with sensitive data such as social security numbers, credit card numbers, personal health records, or login credentials. Now, SSL is becoming a best practice standard for all websites, including those that do not necessarily process sensitive data.
Google Wants You to Have a Secure Website
Back in 2014, Google introduced the idea of “HTTPS everywhere” and also indicated that websites using SSL would receive a small search benefit from https as a ranking signal. You would think that these public declarations would have been enough to get everyone using HTTPS as a new standard, but that never really happened on a wide scale outside of eCommerce sites that were already using HTTPS anyhow. But in 2016 Google really changed the game when they updated their Chrome browser to explicitly identify sites that do not use HTTPS as “Unsecure”.
Browsers Now Shame Unsecured Websites
You may have noticed that most common desktop browsers such Internet Explorer, Chrome, FireFox, and even mobile browsers, such as Chrome on Android, and Safari on iOS prominently show lock icons to indicate when a site is secure via HTTPS. Chrome in particular goes a step further by labeling standard HTTP sites as “unsecure”, as you can see in these examples (the same page for wholefoodsmarket.com viewed in Chrome – one with HTTP, and the other with HTTPS).
Because of these browser cues, website users are increasingly becoming conditioned to identify when a site is secure vs. unsecure, and with that comes an implied sense of credibility and professionalism in favor of secure sites. This is especially important for business websites that have a brand image that is reflected in their web presence.