In 2014, Google announced that it was encouraging everyone to switch from HTTP to HTTPS, and made clear that doing so would have positive impact on a site’s search engine ranking.
Since then, more and more companies have completed this migration as part of their threat and vulnerability management strategies.
Why make your website HTTPS? Simply put, it’s more secure, and while it was once reserved only for websites that accepted credit cards or collected other types of sensitive data, the growing consensus is that, as Google’s Pierre Far said three years ago, “all communications should be secure by default.”
What Is HTTPS?
Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted.
HTTPS is often used to protect highly confidential online transactions like online banking and online shopping order forms.
Web browsers such as Internet Explorer, Firefox and Chrome also display a padlock icon in the address bar to visually indicate that a HTTPS connection is in effect.
HTTPS pages typically use one of two secure protocols to encrypt communications – SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Both the TLS and SSL protocols use what is known as an ‘asymmetric’ Public Key Infrastructure (PKI) system.
An asymmetric system uses two ‘keys’ to encrypt communications, a ‘public’ key and a ‘private’ key. Anything encrypted with the public key can only be decrypted by the private key and vice-versa.
As the names suggest, the ‘private’ key should be kept strictly protected and should only be accessible the owner of the private key. In the case of a website, the private key remains securely ensconced on the web server.
Conversely, the public key is intended to be distributed to anybody and everybody that needs to be able to decrypt information that was encrypted with the private key.
Why Is This Important?
All communications sent over regular HTTP connections are in ‘plain text’ and can be read by any hacker that manages to break into the connection between your browser and the website. This presents a clear danger if the ‘communication’ is on an order form and includes your credit card details or social security number.
With a HTTPS connection, all communications are securely encrypted. This means that even if somebody managed to break into the connection, they would not be able decrypt any of the data which passes between you and the website.
Improving online security has become increasingly important in recent years and Google have been at the forefront of this drive. So much so that Google announced that HTTPS is a factor in their ranking algorithm which has accelerated the switch to HTTPS.
Therefore HTTPS is strongly recommended for any business who is focused on reassuring visitors to their website, securing their website, achieving a high ranking and future proofing their online operations.
What Other Benefits Are There?
More Trust
HTTPS reassures potential customers that you are a secure and responsible business.
More Transparency
Prospective customers can see that you are a genuine business and you own the domain name.
Improved Conversion Rates
Customers are far more likely to complete a purchase if they see that your site is secured.
More Traffic
HTTPS is a stated Google Ranking Factor so business using HTTPS can get a better ranking than less secure competitors.
Conclusion
At Alliance IT, we value the visitors to our website, and your security is of the highest priority to us. We’ve made the switch to HTTPS and recommend you doing the same.