Some businesses are reluctant to commit to the expense of https. The SSL cert is a new annual charge on being online, and the process of converting a website to https involves technical skills and server access that most will have to pay somebody to do for them. But the tide has turned in favour of security in several ways.
It’s the law
Responsible businesses have always wanted their customers personal information and credit card details to be collected safely via their website. That became a legal necessity with the roll out of the EU General Data Protection Regulations in May. See our article here.
The public wants it
An SAS poll show that most people now expect companies to demonstrate a concern for security and respect for storage of their personal data. While the ‘right to access’ (getting a copy of your personal data held by an organisation) topped the SAS poll at 73pc, the ‘right to erasure’ is also a priority for 66pc. Says Charles Senabulya, vice-president and country manager for SAS UK and Ireland:
“We are entering a new data era that requires a firm grip of customer data – one that rewards consumers as well as protects their right to privacy.”
Google are now using carrot and stick
Converting your website to https is now a marketing imperative as well. Google has responded to the changing climate on data security with updates to its search engine, Chrome browser and Google AdWords. Why are these Google changes significant? Because Google remains the No 1 search engine in Ireland delivering results for over 96% of all searches, Google Chrome is the chosen browser of 66% of users, and Google AdWords according to Wolfgang, “generates 62% of all traffic and 63% of all revenue from online Ads in Ireland”.
So what are Google’s changes?
There are many, but two are important in this context.
Security: Focus on HTTPS
In 2014 Google announced that going HTTPS — adding a SSL 2048-bit key certificate on your site — would give you a ranking boost. They also began to mark some http sites as insecure and declared https the “industry standard”. As Google put it:
“You want your customers to have a safe and secure experience, every time they engage with your website. Too many brands still use unencrypted HTTP to send users to their landing pages. That’s why Google strongly advocates that sites adopt HTTPS encryption“.
This is already working. If your business site is not marked https (Hypertext Transfer Protocol Secure) you are now in the minority. Recent Google figures record that:
- Over 68% of Chrome traffic on both Android and Windows is now protected
- Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
- 81 of the top 100 sites on the web use HTTPS by default
This campaign is now stepping up with carrot and stick. In 2018 Google announced that it would be making https the norm. As well as its continued boost to search ranking for https sites, from July 2018 Chrome has been marking all HTTP pages as “not secure.”
Parallel tracking
This is Google’s new way to accelerate the user to their final destination in Google Ads. When a user clicks on your ad but fails to get to your website because the connection is too slow, you will pay for the click but get no benefit from it. Parallel tracking was optional but later in the year it will be the only method available. Again, why does this matter to you? Because parallel tracking only supports server-level redirects and every URL in the tracking redirect chain must support HTTPS. The tracking sequence will terminate at the previous URL when HTTP or on-page redirects like JavaScript or HTML are encountered. There will be no impact to the user experience as tracking happens in the background, but trackers that don’t get called will not receive the click tracking information.
How do you convert your site to https?
You will need an SSL (Secure Sockets Layer) certificate registered to your domain, fitted to your server and then connected to your site . Then your site can be converted to https by changing all of the links, urls and active content from http to https. Here is an SSL checker to test if your site is SSL and https compliant. Sslshopper.com ssl checker
Here are eight reasons why you should have an SSL cert.
- An SSL certificate will give credibility and reassurance to visitors to your website.
- Browsers (Chrome, Firefox, Safari etc) will mark the site as safe to visit and transact with (as opposed to being marked unsafe).
- SSL certificates confirm that the domain name has been verified as genuine. They can also verify business details.
- Customer contact information and credit card details can be submitted securely via the site using encrypted code technology.
- Google will rank your site higher than non SSL sites.
- The https designation will prevent your site being blocked in searches by security ware or web filters.
- GDPR legislation expects you to take all reasonable steps to safeguard customer data or credit card information if you collect it via your website. SSL is an essential safeguard.
- Https sites will allow parallel tracking so that Google Ads will work better for you.
The Fastnet Group can test your site for GDPR and Google compliance. We also sell and fit SSL certificates and can convert your site to https.