Securing your website starts at the domain level by ordering an SSL (secure sockets layer) certificate; it has benefits for your search engine optimization (SEO), too. It’s no surprise Google is leading the charge to help protect users when they’re sharing critical data like passwords, credit card information, and other personal information. SSL certificates validate a website’s identity and encrypt data that is shared or collected, making transactions more secure.

For some time now, Google has been talking about universal encryption, pushing site owners to migrate from HTTP to HTTPS (hypertext transfer protocol secure). HTTPS adds a security blanket to connections between web servers and users’ browsers through the use of secure sockets layer (SSL) certificates, particularly text fields where users enter their personal information.

Why You Should Make Your Website More Secure

Most users are familiar with using HTTP when typing a URL (Uniform Resource Locator) into the web address bar of any popular web browser, such as Google Chrome. HTTP is a common protocol and has been around for years. The downside is HTTP is not secure. Cyber criminals are able to manipulate and steal users’ personal information as it is transferred to and from web servers to individual browsers.

The pool of targets cyber criminals can pursue is growing significantly larger. In 2022, Cybersecurity Ventures predicts that there will be 6 billion internet users on the planet, up from 2 billion users in 2015, and a staggering 7 billion users online by 2030.

News stories in Washington, DC and Virginia cover cyber security lapses that businesses and government entities have faced because they are very disruptive. It goes without saying that the cost of cybercrime is growing exponentially. Global cybercrime may reach $10.5 trillion annually by 2025, up from $3 trillion in 2015.

Cyber security is so important that the Commonwealth of Virginia requires by statute that all public entities report instances of cyber crime. And, the Virginia Small Business Development Corporation (SBDC) offers resources to help small businesses get up to speed on the topic to protect themeselves.

You’ve Been Warned About SSL

In early 2017, Google introduced a new icon on their browser’s URL bar reflecting a padlock icon and the word “Secure” for those sites that are HTTPS compliant and have SSL in place.

Most e-commerce sites and certainly all of the high-traffic sites you might think of including Amazon, LinkedIn, and the Washington Post have that little padlock in the URL window that indicates they are secure.

In 2018 Google Chrome began flagging conventional HTTP sites as “Not Secure” in the URL bar, warning them that a website is not secure. Regardless of whether text fields exist on the page or not, even secure search software such as McAffee does the same.

The next version of Google Chrome (Chrome 68) is due out in July 2018 and the search engine giant is turning up the heat. Any HTTP site will be marked “Not Secure” regardless if text fields exist on a webpage or not. Most browsers now indicate that a website is not secure if the SSL is missing.

Common Myths Small Businesses May Have About SSL

Is HTTPS worth it and what actions if any should small businesses and nonprofits take now to secure their website using SSL? Below are some of the most common myths about HTTPS and SSL.

Myth #1: HTTPS is expensive and time-intensive

Free SSL certificates that enable HTTPS are available, although be sure and check with your web developer to ensure most browsers and devices will accept free SSL. You may benefit from a higher-level SSL that provides more validation depending on your business and whether you have e-commerce enabled or accept donations online.

In most instances, you can find affordable certificates that are renewable annually and offer warranties and widespread support across browsers and devices. SSL doesn’t have to be challenging. Organizations just need to understand the type of data that needs encrypting, where it resides, and who should have access to it.

Myth #2: HTTPS produces latency

HTTPS should not have any material impact on the speed of your site. In fact, one site even claims an unencrypted version of the page loaded more than 300 percent slower than HTTPS.

Myth #3: HTTPS sites don’t rank higher than HTTP sites in Google searches

In 2014, Google stated it would give preferential treatment to sites with SSL/HTTPS, giving them an SEO boost over their unencrypted counterparts. Google is also blacklisting HTTP sites that trigger deceptive content warnings, which are unsafe code that lures users into giving up personal information.

More than 60% of websites are loaded with SSL/HTTPS according to Qualys SSL, which maintains a global dashboard of the world’s most popular sites and the adoption of security protocols. The industry is sitting up and taking notice, and security is improving day by day.

Myth #4: HTTPS sites can’t be hacked

SSL protects visitor’s data in transit from your web server to their browser and back. SSL doesn’t protect your website from being hacked from other types of cyber attacks. There are many other types of attacks, including malware, password hacking, ransomware and phishing to name a few. Fortunately, there are many things businesses can do to minimize cyber security risks.

There is no such thing as a security solution that will protect data 100 percent of the time. It’s not a question of if your organization’s data will be compromised, but a question of when. Encryption can lessen the sting of a breach, since encrypted data requires a key to access that data.

Myth #5: HTTPS is only for large enterprises, not small businesses

Visitors expect a secure browsing experience regardless of the size of your company, organization or website. If you have an e-commerce site, conduct transactions, or collect customer data, SSL and HTTPS is critical to your digital presence. A secure website can also strengthen your brand and build trust within your customer base, particularly when they see that padlock icon in their URL bar.

Let Us Help You Put SSL and HTTPS to Work for You

Don’t upset Google and other search engines. Migrate your website to HTTPS and SSL to protect your data and improve your search rankings, too. If the technical details make your head hurt, the web design experts at Intelligent Evolution, LLC, can step in and guide you through the decision-making process whether you’re located in Alexandria, Virginia, Washington, DC., or elsewhere across the United States.  SSL and HTTPS is the leading standard for secure websites, and we can help you choose reliable website hosting and handle all the myriad details that go into publishing a website that accomplishes your most pressing business goals and represents you in the best possible way online. Contact us at (703) 370-7433 for a complimentary consultation.