Why HTTPS should be top of your 2018 plans

Why HTTPS should be top of your 2018 plans

Your time is almost up. If you haven’t installed an SSL certificate on your website and migrated to HTTPS, your website WILL be marked “Not Secure” by the summer. If your site is still running over HTTP, you need to get SSL.

This year will be the year of encryption. We’ve already seen browsers pushing the web towards encrypted HTTPS connections in earnest. Starting in January 2017 with Google and Mozilla updating their browsers’ UI and beginning to mark HTTP sites with password fields “Not Secure”.

Shortly afterwards, the warnings ramped up, and the browsers started issuing warnings for any HTTP page with a simple text field. By summer 2018, browsers will be actively marking ANY HTTP website as “Not Secure”.

SSL Warnings

This is not what you want your users seeing.

Even with all these alerts, and plenty of notice, there are still millions of websites that have yet to address the issue. If you’re in the dark, here’s a quick catch up.

How does SSL Work?

A quick and simple explanation: an SSL certificate is essentially a piece of software. Once correctly configured on your website and server, users will start to visit your website via HTTPS. Their browser will be sent a copy of the SSL certificate and a copy of a public key. The browser then uses the certificate and the public key to authenticate the server before exchanging session keys and forming an encrypted connection. This continues until the user leaves your website.

Want to know more? Take a look at our free ebook to learn all about SSL Certificates.

It is important to remember that an SSL certificate does not protect your website, you may still be vulnerable from DDoS attacks, Brute Force, Logjam, and other vulnerabilities.

Why do I need SSL Now?

Everything we know is built on HTTP (Hypertext Transfer Protocol), and it has served us well over the past two decades, but there is one glaringly obvious issue; it’s not secure. Any data transferred over a HTTP connection is out in the open and vulnerable to hackers eavesdropping on the connection and potentially stealing information, or someone being able to position themselves between the user and the server, better known as Man-in-the-Middle attack.

When installing an SSL certificate, you begin using HTTPS. It uses encryption to authenticate the server and protect the data being transmitted, making it a lot harder to steal this information. With data protection more important than ever, and new laws coming into play (GDPR), you can see why browsers are pushing for HTTPS to become standard.

Why do the browsers get to decide?

You could say that browsers hold all the cards, certainly a very strong hand. When was the last time you were able to surf the internet without using a desktop or mobile browser? Would you even know how to? People need browsers to view the internet, and businesses need them to display their websites correctly. They hold a lot of power, which allows them to dictate their own terms.

Now, let’s not start a revolution against the browsers. After all, they are acting in the best interests of their users and making a better place for us all. By creating more secure connections they will in turn create a safer internet. Who doesn’t want that?

OK, but does it have any other benefits?

The simple answer. Yes.

Not only is SSL important for encrypting communication and securely storing information, it also helps increase conversions by building trust with your users.

Before you can get an SSL certificate on your site, you will have to answer a few questions about your site and/or business. This allows the certificate authority to verify that you are indeed the website and business you say you are. Meaning, that if your site has SSL installed, your users will know that you’re a legitimate company that won’t steal their information.

Whereas, if visitors start seeing those scary red warning labels, something as simple as entering a name, email, and phone number into a basic lead generation form will cause anxiety and concern. And we’re guessing you’d rather build trust with your users?

It’s not just browsers that are paying attention to HTTPS. Search Engines want a more secure internet too. That’s right, we’re talking about good old SEO, and it’s no surprise that Google is leading the way. Security has always been a top priority for Google, so they are now taking SSL certification into account in their search rankings. Just paying attention to this small piece of information could result in you ranking higher than your competitor.

In early 2018, about 70% of Google page one organic listings are HTTPS

mozcast.com, 2018

Wanna go faster? Site speeds make a big difference in converting your visitors to customers, and with SSL you’ll get a nice performance boost by enabling HTTP/2 support. More on HTTP/2 later on, but why not take a quick test and see for yourself now – HTTP vs HTTPS.

What if I don’t need SSL?

If you’re still thinking this, we’re sorry to say it – but you’re wrong! It’s no longer about who does and who doesn’t need SSL. Other than secure connections being much safer, there’s also a technical reason for browsers wanting to shift the internet to HTTPS.

HTTP/2 is the successor of HTTP. It performs better and it’s faster. It’s also requires secure connections. The introduction of HTTP/2 so far has been gradual, but it’s a standard the internet wants to adopt universally. Switching to SSL helps facilitate this change. Progression for us all.

Be proactive, Act now.

We know we’ve said it already but seriously, you NEED to get SSL. It’s not optional anymore, nor is it just for banks or eCommerce. Everyone needs SSL going forward into 2018. Don’t wait until the last minute. Get it sorted now, speak to a member of our team about getting your website secure – 0333 121 2013 or download a copy of our free ebook which covers everything your need to know about SSL.