September 5, 2017 ByCheryl Dykstra
If your website collects sensitive visitor information such
as passwords, credit card information, or other personal data – be warned.
Earlier this year, Google made changes that started to mark
websites without HTTPS as non-secure on Google Chrome, Google’s own web browser
that has 59.38% of the browser market
share. That’s way above the second highest used browser, Safari, with only
14.88% market share.
If you haven’t already made the switch to HTTPS and
purchased an SSL certificate to protect visitors and your site, now is the
What Exactly Is
“HTTP (HyperText Transfer Protocol) and HTTPS (HyperText
Transfer Protocol Secure) are both protocols, or languages, for passing
information between web servers and clients,” according to Search Engine
What is important to take away from it is that HTTPS is a
secure connection, whereas HTTP is unsecure. With a standard HTTP connection,
it is possible for unauthorized parties to observe the conversation between
your computing device and the site.
An HTTPS connection adds a blanket of security over that
conversation using an SSL/TSL protocol (Secure Sockets Layer and Transport
Layer Security) that prevents cyber eavesdropping, protects against data
corruption, and authenticates communication.
To ensure the safety of Google Chrome users, Google has
begun to penalize HTTP connections by alerting users of what it is… insecure.
Here is what a non-secure vs. secure web form looks like (notice the URL bar):
How to Secure Your
To enable HTTPS on your website, you must first acquire an
SSL certificate from a Certificate Authority (CA). This acts as a stamp of approval
from a trusted party because it ensures your website is legitimate and secure.
Once you have your certificate, it needs to be installed and
your website will need to be updated. That includes doing a full backup of your
site, changing all your internal links, checking code libraries, updating all
external links that you can, and creating 301 redirects.
It’s also important to update your URLs on Google (Search
Console, Analytics, Adwords), anywhere else you are running paid aids, on all
your social profiles, and across all your top citations.
This process can be very involved depending on the size of
your website and web presence, but the alternative is leaving your visitors
unprotected and jeopardizing their trust in your business.
Google Chrome flagging HTTP sites as unsecure is just step
one of changes soon to come that better protect the privacy and security of
sensitive information. There’s no reason to delay HTTPS any longer.
If you’re ready to make the switch to HTTPS, call us today at (407) 682-2222.