Privacy and security are two of the hottest buzzwords around the web, from facebook’s security breaches to Net Neutrality, GDPR, and SSL. While new standards and practices appear at first glance to bring more hassle for website owners and developers, it’s a great benefit to the experience of the end user, or to be more direct, your potential customers!

How often have you wondered if a site you were visiting was safe, whether their information could be trusted, if you would be scammed by buying from them, or how much spam you would get from subscribing to a mailing list to access a resource or article?

Site visitors are potential customers, and your business’ reputation is on the line with their experience on your website. You want them to be confident they can trust you and your website, and for many visitors, your website will be the first impression they receive of your business.

Revisiting SSL

Last summer we addressed site security and SSL (take a look at it for an introduction to SSL). If a site is secured with SSL, it will show up as a “safe” site to Google. You won’t notice many differences except that your site is accessed at https instead of http and a green padlock and “Secure” rating (depending on your browser) appear in the browser address bar.

SSL is a security feature that indicates both to Google and to users that your site is owned by you and that they can safely browse your content, fill out forms, and make purchases (if applicable) without being in danger of phishing or having their information stolen.  This also provides an SEO benefit because SSL now affects search engine ranking; Google rewards sites that provide a secure user experience with a higher search ranking.

Don’t Get Caught with an Insecure Site

Google has already changed their search criteria to blacklist ecommerce sites that are not set up through SSL, and other sites will be soon to follow. The date has been pushed back several times, from February to July and now October, but before the end of 2018, Google will mark all websites without SSL as unsafe.

If your site isn’t secured through SSL, visitors will get a warning that your site is unsafe. They’ll have the option to proceed anyway and continue to access your site, but you can imagine the impact this will have on bounce rates for potential customers who are scared away by the warning.

Adding HTTPS

CS Design has been building new sites with SSL since we became aware of Google’s policy. Unfortunately it’s a little more labor-intensive to “remodel” a site for SSL. Several pieces are involved:

  • SSL certificate. This is the most important piece, and it is issued by a third party which verifies that the site owner matches the registration info for the site. Think of it as a background check for your website. As with criminal background checks, different tiers are available which go into further detail to verify site ownership, and the deeper the investigation, the higher the cost. Fortunately, a basic certificate is good enough for Google.
  • HTTPS address. Your site needs to have all the traffic redirected through https; otherwise, your old http address will serve as a backdoor to your site, and users will receive Google’s warning. With a new a site, it’s pretty simple: the site is only built with an https address, so there’s not an http address to worry about.
  • Images and content. Images, pdfs, and other resources on your site are served to viewers as internal links. If the site was created as an http site, all of those resources are still linked as http and they need to be changed to https. This can be a very tedious process to take care of individually!

What If My Site Isn’t Secure?

An easy way to tell if your site is secure is to look at the address bar. If your site address begins with https your site is secure. If it’s only http, it’s not. Contact us if you’d like to confirm the security of your site. If it isn’t, don’t panic. It won’t require a site rebuild, and we are happy to provide a reasonable quote for securing your site.