The online community has been buzzing with Google’s announcement of HTTPS becoming a requirement for all websites. For the uninitiated, HTTPS is the first part of the URL that appears in your browser bar when you’re on a website with SSL encryption.
In the last 12 months, you might have received an email that reads like this:
“Your website is still an HTTP site and has not been upgraded to HTTPs. Google is marking all HTTP sites as 'unsecure' in July, forcing all businesses and webmasters to upgrade.”
Now, the difference between HTTP and HTTPS might only be one letter. But the fact is HTTPS is now a requirement for any website that wishes to continue attracting visitors.
Toward a safer internet
As Google endeavours to help users identify and avoid websites that are not safe, websites that don’t have an SSL certificate will be marked as “Not Secure.” What’s more, the warning signals to a user that the website they’re using could be susceptible to online security threats whilst visiting as well.
In the last year we have seen multiple businesses, both large and small, fall into the trap of not securing their sensitive information and dearly paying the price for it.
From the devastating WannaCry attacks to the outrageous Commonwealth Bank (CBA) information leak in 2016 and the embarrassing discovery of classified government documents sitting in a Canberra op-shop, scrutiny of how sensitive information like names and banking details is handled continues to heat up (and rightly so).
HTTPS is no longer an option, it’s a necessity
Now that Google 68 has come into effect, Google is labelling all HTTP websites (i.e. those without SSL encryption) as “Not Secure.” Given the fact that 60 percent of internet browsing flows through Google Chrome, this is a pretty big deal.
Essentially, this move by Google is part of their continued effort to help their users immediately recognise a secure website from one that might hold potential security threats. An SSL keeps information online safe from third parties using state-of-the-art encryption. For any business that accepts or exchanges sensitive information online — either their own or their customers’ — installing an SSL is a must.
There are several reasons for updating your website to HTTPS (which I’ll discuss more below) but the immediate one is simple — because if you don’t have an SSL, Google is already labelling your website “Not Secure.”
If a potential customer clicks on your Google listing but is greeted by a warning that your site isn’t safe, chances are they’ll leave.
The modern online customer is switched on and will not be lenient with lax security systems, which can diminish any trust they have in your business.
Don’t let this happen to you
Case in point, CBA faced considerable backlash when it was revealed they had lost the information of 19.8 million customer accounts. Between the justified public outcry and a scathing APRA report calling out the bank for their complacent management of their customer’s sensitive information, the bank’s reputation as one of the big four was considerably damaged.
While Prime Minister Malcolm Turnbull politely referred to the loss of millions of customer account details as an "extraordinary blunder," the same can’t be said for the federal government, which allowed classified information to sit idly in the filing cabinet of an op-shop.
The WannaCry ransomware crypto worm in May 2017 proved how devastating an attack can be on a global scale, thanks in no small part to a lack of up-to-date security. A total of 230,000 computers fell victim to the attack, with international organisations like FedEx, Renault and Boeing Commercial Airplanes affected.
Additional benefits of HTTPS
Beyond securing data exchanges and thereby protecting your business reputation, there are several other benefits of adding SSL encryption to your website.
Improves your website’s conversion rate
Increases the value of your average on-site transaction
Additionally, eCommerce websites can experience a boost in transactional value (i.e. average order size) thanks to the peace of mind customers get from the extra security HTTPS provides. After all, would you provide your credit card details to an unsecured website?
HTTPS is a ranking factor for Google
Google has announced that HTTPS is a factor they used to determine search rankings. That means HTTPS websites will be prioritized in search rankings over HTTP websites. With the rules of search becoming stricter by the day, any advantage you can use to help your website stand out amongst millions of competitors is one you should take!
How to secure your website
If you are technically inclined and have a basic understanding of shell commands, you can get an SSL for free from Let’s Encrypt and install it to your hosting account. This is a good option for people with technical skills, because it requires the ability to run a client application and write a few lines of codes to install the SSL.
If you’re not confident to do it yourself, GoDaddy offers one-click SSL certificate installation for sites they host. Have hosting through another company? No problem — you can still use an SSL from GoDaddy — it just takes three steps.
Which SSL should you get?
To accommodate various security needs, GoDaddy offers several types of SSL certificates:
- Domain Validation SSL: Ideal for blogs and personal websites, this SSL simply verifies your ownership of the domain name.
- Organization Validation SSL: Good for informational websites such as those owned by schools or nonprofit organizations, this certificate verifies domain ownership and existence of the organization.
- Extended Validation SSL: Because this SSL entails the most rigorous vetting process of the three, they’re perfect for eCommerce, banking and medical sites. Shoppers who see the green address, business name and country code in the browser bar that’s triggered by this certificate instantly know they're safe.
Have more than one website or subdomains you want to protect with one SSL certificate? Select your category above, then combine it with one of these:
Multiple Domains SSL: For companies that manage multiple domains and websites.
Wildcard SSL: Best for sites that use subdomains, like shop.website.com or blog.website.com (not available as an Extended Validation SSL).
All GoDaddy SSL certificates come with both a GoDaddy Security Seal and McAfee SECURE trustmark to display on your website. These visual trust indicators often reassure site visitors.
Adopting HTTPS is simple — get SSL
When Google says jump, the best practice is to ask “how high?” With online security under the microscope, websites big and small need to put the appropriate measures into place to remain successful online. The era of HTTPS is here. Is your website up to scratch?