Do you still have an unsecured website?
You’re out of time.
In fact, you’re pretty late—in 2017, Google warned that they would soon label unsecured sites (websites without HTTPS or an SSL certificate) as such in the search bar (see an unsecured website example below). Secure sites are now labeled with a green “locked” symbol, and unsecured websites are now labeled with a red “unsecured” symbol. That implementation began in October 2017:
What’s the Deal with Google and HTTPS?
Back in 2017, webmasters got this email from Google: TL;DR: Google wants every single site to be immune to hackers and identity thieves so that consumers are better protected. The reason for this is because along with advances in technology come advances in hacking and malicious website intervention techniques. Remember the Equifax data breach earlier this year? Or the Experian one in 2012? If you’re the owner of a Target credit card, you probably remember the Target breach in 2013. Or, just take your pick from some of the recent online data breaches, below:- Ebay: 145 million records compromised in 2014
- Home Depot: 56 million records compromised in 2014
- JP Morgan Chase: 76 million records compromised in 2014
- Anthem: 80 million records compromised in 2015
An Unsecured Website Is Bad for Business, Regardless of What Type of Business You Have
If you’re one of the business owners in the “I-don’t-need-this” camp, you may want to rethink that. It’s an easy conclusion to draw; if your business doesn’t ask for any personal —information or use any forms, it doesn’t matter if your site is secure. That conclusion is wrong, and here are 8 reasons why:- A hack happens every 39 seconds, and 43% of hacks target small businesses
- Google literally said so:
“You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications. Aside from providing critical security and data integrity for both your websites and your users’ personal information, HTTPS is a requirement for many new browser features, particularly those required for progressive web apps.” – Google
- Both friendly and unfriendly intruders regularly exploit the cracks in every unprotected resource between your websites and users. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP, just to name a few. Secure websites can protect a user’s connection by securing information in three layers:
- Encryption: ensures that a user’s activity cannot be tracked or their information stolen
- Data integrity: prevents files from being corrupted as they’re transferred
- And authentication: protects against attacks and builds user trust
- Hackers don’t just want credit card information. Many malicious intruders look at aggregate behaviors to identify your users and visitors. That means that if they’ve hacked 1,000 other websites a person has been to, they can add yours onto that person’s “profile” (so to speak). This can be for marketing and advertising purposes, identity theft reasons, personal grudge reasons… the list goes on and on.
- HTTPS is a requirement for many cutting-edge technologies and website features, including app capability. If you want to bring your website into the “now,” a non-HTTPS site will be more difficult to work with.
- Your customers are smart, informed people that are well-versed in the danger of stolen identities and website hacks. Put yourself in your customers’ shoes. If you had to make a split-second decision between two almost identical websites, chances are you’re going to pick the one with the green lock over the one with the red warning sign. People don’t like the color red when it comes to their personal information. We associate the color red with things like stop signs, paper corrections, sirens, and THIS IS YOUR FINAL NOTICE letters. Red positively screams “ALERT, ALERT!” When users see those red labels, something as simple as entering a name, email, and phone number into a basic lead generation form can cause anxiety and concern.
- Your website will enjoy a boost in the search engine results. Over 40% of the sites on the first page of Google are HTTPS, which is not a surprise, since Google has confirmed that they favor HTTPS sites.
- Your conversions should benefit (unless there’s something else going on with your business). According to a GlobalSign survey, 84% of users would abandon a purchase if data was sent over an insecure connection. We already see a difference in conversion rates between HTTP and HTTPS sites.
- Everything in this video:
What To Do Next
If your website doesn’t have an SSL certificate, get one. Today. Like contact-us-right-now today. You can buy an SSL certificate through your hosting provider. For example, if your website is hosted on GoDaddy, you’d buy your certificate through them. Same for WordPress. If you don’t want to bother, you can punt it over to us at Blue Corona and we’ll host the whole kit and caboodle. What You Get When You Host with Blue Corona:- SSL – Includes FREE SSL certificate yearly subscription
- WordPress Optimized – Designed specifically for WordPress websites to provide optimal load times, easy updates and basic security measures
- Backups – Daily full site backups (for last 30 days)
- Development Support – Staging server with one click “push-to-live”
- Security – Secure FTP protocol (SFTP) with server-side firewalls included
- Extra Speed – Content Delivery Network (CDN) included for enhanced site load times by storing files at multiple locations across the server so that the user receives the files from the nearest source.
- Storage Space – 10 GB of server storage space for website files
Or just download our complete guide below!