Google ♥ HTTPS
October 15, 2014
You may have noticed the little green padlock that shows up in your browser when you click to buy merchandise or visit your online bank. To the average person the little padlock signals you’re in a “safe zone” where your communication is kept locked up and guarded from prying eyes. The information you enter (your credit card number) or view (your banking history), is encrypted as it floats between you and the online place (the servers) where all your sensitive stuff is stored and manipulated. The wizards (aka your web company) that manage this sensitive data went out and bought a certificate that verifies it’s securely locked up. It’s called an SSL (“Secure Socket Layer”) Certificate. The certs are sold by several companies such as GeoTrust, Godaddy, and Network Solutions to web developers worldwide, and they are fairly costly. Up until now, it wasn’t likely you would be seeing the little “trust me” icon when looking at the site’s “about us” page, or any other page you visit before hopping onto the shopping cart or logging in to view your transaction history. You can expect to see that more.
Google broke big news in early August 2014 and announced that they were actively promoting “HTTPS Everywhere” by boosting your search ranking if you implemented it on your site. In an interesting twist, Google announced it on their blogger pages, where HTTPS isn’t used. The announcement cited security as the primary reason they were actively promoting it with the search boost, and suggested developers go all-in with HTTPS on their sites, blanketing every page with SSL security, not just the ecommerce or secure login parts. They had been actively promoting the idea, most notably on this presentation available on YouTube posted the previous June.
For now, the ranking benefit is small, only affecting “…fewer than 1% of global queries,” but the goal to eventually accomplish a secure web is certain to remain a priority for Google. “…over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.” The takeaway should be to expect more on the subject, and make plans accordingly. Google owns nearly 70% of the search traffic, and the topic is certain to remain a priority for them as long as security issues continue to plague the internet. As of this writing, security issues at least appear to be at an all-time high and growing. A record number of credit cards are in the hands of criminal hackers, and foreign countries are committing cyber-terrorism to stop movies from being released.
My suggestion to site owners and their web companies is to read up on the subject and start thinking about a plan to go “HTTPS everywhere” within a reasonable timeframe. It may not be an imperative, but the day Google decides to get serious and use rankings as a stronger motivator, you’ll be ready to go. Better yet, if you do it now, you may get a boost in the near term and when the big benefits do kick in, you’ll be the first to see an updraft in your rankings. And if it doesn’t happen, the web will be a safer place nonetheless. It could very well be that good “corporate citizenry” through cyber-security will enter the popular domain, and you will be way out in front of it.