By Chase Lyne, Principal Search Data Strategist, Botify
People are more concerned with security than ever before, and rightfully so. In years past, many of us wouldn’t have given a second thought to inputting our personal information on a website. In the aftermath of highly publicized and far-reaching privacy breaches like Facebook’s Cambridge Analytica scandal however, the general population is much more scrupulous in deciding whether or not to hand over their data.
Google has been actively moving toward a secure web for over a decade. Naturally, this has implications for Google search results. A big move came in 2010 when they introduced encrypted search. Instead of searching on http://www.google.com, people had the option to start searching on https://www.google.com. The difference is so subtle you may not have even seen it — a single “s” that stands for “secure.”
Whereas HTTP stands for hypertext transfer protocol, HTTPS stands for hypertext transfer protocol secure. But before you can fully appreciate the difference between the two, you have to understand what HTTP does.
HTTP vs. HTTPS
HTTP is used to transfer data from a web server (where a website is stored) to a browser (where you view a website, like Chrome). The only problem with HTTP is that the information passing between the server and the browser is open to people who might want to misuse it.
With HTTPS, you’re adding a layer of security to that connection so they can’t be intercepted. The data passing back-and-forth between the server and the browser is encrypted, converted into a code to conceal it from those that are not authorized to view it.
What makes a website secure?
So how do you get from HTTP to HTTPS? You add a security certificate to your website, called a secure sockets layer (SSL) or transport layer security protocol (TLS). Adding this to your website provides three key layers of protection:
The security certificate must be issued by a certificate authority. Once you implement an appropriate certificate, you and your website visitors will be protected from people who might try to read private information, track activity, corrupt files, and other cyberattacks.
As of July 2018, Google Chrome started flagging all websites that hadn’t been secured with a security certificate (Safari and Firefox now display similar warnings). Even prior to this, Google was flagging non-secure websites but only ones that collected passwords and other visitor information.
You may have seen a warning like this in your browser:
This lets website visitors know that their connection is not secure. If your website was not secure when Google Chrome made this switch, you likely scared off some of your website visitors with this warning.
Since Chrome is the leading desktop internet browsers with ~67% market share, this was a big step in the fight for a secure web.
Years before Google Chrome started flagging non-HTTPS websites as not secure, Google announced that they would be incentivizing people to make the switch to HTTPS by offering a slight ranking boost to secure websites.
All other factors remaining equal, HTTPS could act as the tiebreaker that caused one webpage to outrank another.
Google remained consistent in their position that the main goal behind moving to HTTPS should be security, not rankings, saying that while HTTPS is currently only a slight ranking boost “we may decide to strengthen it because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.”
Although the slogan “don’t be evil” has since been retired from Google’s Code of Conduct when Google was reorganized under its new parent company Alphabet, it still remains a part of their DNA.
Google has always been concerned with doing the right thing, and pushing for a secure web is par for the course. They want people to feel secure, and when they’re not, they want to alert them to that risk. Because of Google’s massive push for a secure web and educating people on its importance, the population as a whole is much more informed about digital security.
In addition to the slight ranking bump, migrating to HTTPS has other benefits:
Botify shares Google’s passion for a secure web, which is why we have so many tools to help organizations confirm that they have successfully migrated from HTTP to HTTPS.
Here’s how Botify can help you with the transition from HTTP to HTTPS:
Our support team has worked with countless enterprises to help guide their transition over to a secure website. If you’ve migrated over to HTTPS within the last few years, or you’re planning on making that change soon, we’d love to show you how Botify can help. Request your demo today!