image description

Cybersecurity Update – Google Makes HTTPS Mandatory

There is a good chance, beginning in October 2017, visitors to your website might see it being flagged as an unsafe environment.

The New Cybersecurity Update

There is a good chance, beginning in October 2017, visitors to your website might see it being flagged as an unsafe environment.
On April 27, 2017, Google released an official statement declaring that any and all websites that have a text input field on their pages would show as “Not Secure” to a visitor if the website has not implemented HTTPS. Google is taking cybersecurity seriously and if you have a website, they want you to take it seriously too.
So far, HTTPS implementation has been deemed mandatory only for websites with password input fields and financial transactions (Credit/Debit card field). However, with the rollout of Chrome 62, Google plans to flag websites running HTTP when users type into any field on the website.
The new warning system is being rolled out to display even when a browser is running on incognito mode, this is being done as browsers are known to use incognito as it provides them with a sense of security, while unaware of the way this mode works.
HTTP Treatment in Chrome 62 (Off & On Incognito Mode)

HTTP Treatment in Chrome 62 | Cyber Security | Internet Security | HTTPS
Click to enlarge

While password fields, card details and text input fields are under the purview of HTTP not being considered secure, Google has hinted towards a possible scope broadening of this initiative. Thus, implying that, in the future, other parameters might be considered “not secure”. With Google’s progress on cybersecurity and the many ransomware and cyber-attacks in 2017, cybersecurity seems to be the topic of the year.
If this has not convinced you to switch to HTTPS as soon as possible. Read on.
 

HTTP & HTTPS – The Quick Rundown

Hyper Text Transfer Protocol (HTTP) is the protocol over which information is transferred over a network when you are connected to a certain website or network. HTTP has been the industry standard for years and has been seen as sufficient up until now.
HTTPS, simply put, is the secure version of HTTP. It ensures that any and all communication between your browser and the website over a network is encrypted or secure. HTTPS boils down to the fact that, your interaction with a website over a network cannot be intercepted by anyone else on the network. HTTPS offers this security benefit, by way of a security certificate issued by a certificate authority.

HTTPS – Why You Need It

 Security
Probably the biggest reason for making this switch, HTTPS came into existence as a more secure and safer protocol. Google believes everyone browsing the web has the right to be protected and the right to privacy. Policies and requirements of the world’s largest search engine put aside, as a company with a web presence, ensuring the safety and privacy of your visitors and browsers is a necessity from a moral standpoint.
In the longer run, it can also be expected that focusing on cybersecurity and providing privacy to your browsers would also build some positive brand image for you.

Protecting your business against data breaches should be your number one priority and it all begins with the development of a privacy-first website.

Trust and credibility
Google so far has used a simple exclamation symbol to warn users of the website using HTTP. It all comes down to if the average web browser is aware of what the symbol means. Seems like Google has decided to tackle this gap in knowledge by making the warning symbol prominent and convey the meaning clearly to every type of user on the web, as seen in the image above from the official Google blog piece on cybersecurity.
The detrimental effects of this could be huge. With all internet citizens clearly understanding the warning sign. You could in the long term see your website and brand losing credibility and trust with drops in visits, leads and conversions following soon.
Signs from your analytics
We expect websites still running HTTP to start seeing signs on their analytics once the HTTPS rollouts occur.
Very soon, you would start seeing a spike in bounce rates, drops in leads, conversions and visits. This is directly related to trust and credibility. Visitors landing on your website would be made aware of the security warning and leave. This, in turn, could translate to a lack of returning visitors and negative word of mouth causing further damage.
SEO and SERP ranking
The warning on the website can lead to visitors leaving immediately due to security and privacy concerns and not coming back. Users eventually would not click on your link when it appears on the SERP.
This poses a threat to your website as, according to backlinko, certain parameters such as organic click-through rate, bounce rate, repeat traffic (people coming back), website traffic rates and dwell time (time spent on the site) are speculated to be factors that affect your SERP rank.
While the above is a scenario based on strong speculations within the webmaster circles, you might want to consider the fact that since 2014, Google has been saying that HTTPS is a confirmed ranking signal.

The Verdict

In all fairness, the process of switching to HTTPS is technically demanding and we would not be surprised if you said it is daunting. Google’s best practice page on HTTP to HTTPS migration is filled with jargon and admittedly does come across as a challenging process.
However, Google has said that they will continue to work toward improved cybersecurity. They have declared that user privacy and security is paramount. The search engine’s official article on cybersecurity and HTTPS becoming mandatory also has strong implications pointing toward more parameters of website construction being considered “Not Secure” in the future.
In conclusion, it would be wise to migrate your website over to HTTPS to comply with the latest regulations in internet security. Who knows what Google would come back with next as an additional parameter for being secure. After all, almost 60% of users on the web are on Chrome & other web browsers such as Safari, Firefox etc. are expected to follow.
If you have queries or need a hand in switching over to HTTPS, head to our web development and other services page for information and contact us so we can help you become secure.
Watch this space for more information on all things Digital, Online Marketing, Web Design & Development, UX/UI, SEO, Analytics and Advertising.

Digital Strategy Consultants Ltd. is an IT & Digital Consultancy agency situated in the Digital Hub in Dublin. Founded in 2012 with a passion for digital marketing and a drive to bring innovation and a new level of best practices to the industry. Following a data and research-led approach, we specialise in – Web Design, Web Development, UX/UI Development & Design, Online & Digital Advertising, Search Engine Optimisation, Digital Analytics & Reporting, Conversion Rate Optimisation & Social Media.

Sources:

  1. https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html
  2. https://www.instantssl.com/ssl-certificate-products/https.html
  3. https://www.globalsign.com/en/ssl-information-center/what-is-an-ssl-certificate/
  4. http://www.oncrawl.com/switching-https-priority-2017/
  5. https://www.brightlocal.com/2017/01/06/http-vs-https-website/
  6. https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
  7. https://backlinko.com/search-engine-ranking
  8. https://www.ifex.org/2013/09/18/why_https/
  9. https://security.googleblog.com/2015/12/indexing-https-pages-by-default.html
  10. https://www.wired.com/2017/01/half-web-now-encrypted-makes-everyone-safer/
  11. https://www.netmarketshare.com/browser-market-share.aspx?qprid=0&qpcustomd=0
  12. https://www.surfeasy.com/blog/google-incognito/
  13. https://backlinko.com/google-ranking-factors
  14. https://www.wired.com/story/2017-biggest-hacks-so-far/
  15. http://www.smartinsights.com/search-engine-marketing/search-engine-statistics/

Discuss Your Project with an Expert Today

Get in touch with a brief summary of your requirement and we’ll be happy to discuss your project in an open and transparent manner.

Request a Consultation

Related Insight Posts

Navigating the Future of Digital Accessibility: Preparing for EAA 2025
Navigating the Future of Digital Accessibility: Preparing for EAA 2025

As the European Accessibility Act (EAA) 2025 approaches, organisations must proactively enhance their digital accessibility. This guide outlines criti..

Read More
Voice Activated: Exploring Voice Search Possibilities for Advertising
Voice Activated: Exploring Voice Search Possibilities for Advertising

This article delves into the rapidly evolving world of voice search technology and its potential impact on the advertising industry. It highlights the..

Read More
WordPress Security in 2024: Advanced Strategies to Protect Your  Website
WordPress Security in 2024: Advanced Strategies to Protect Your Website

This article delves into advanced WordPress security strategies for 2024, covering topics like blockchain technology, Headless WordPress, green web de..

Read More

Why Digital Strategy

To get customers, it’s imperative to be seen by the mass. Every successful company is unique and needs contrasting digital marketing strategies. Book a meeting with us and we will help you find the correct strategy for your company.

Our Approach