At a time when it feels like not a week goes by without another hacking scandal hitting the news, it has never been more important to take online security seriously. Account hacking and data breaches have occurred at some of the world’s biggest companies, with enormous implications for everyone who uses and works with the web. As a result, we are seeing moves being taken to enforce stricter security measures; and none more noticeably than from the search engine giant Google. Among a plethora of other exciting updates announced recently , this year we will see Google’s war on online security truly take off.
Tightening the rules
Back in October 2017, Google released an update that hiked the priority of website security both within its search function and for its Chrome browser’s performance. Throughout 2018, this update will become standardized across all users and with additional functionality added. The specific target of the update is HTTP protocol: having been used since the early days of the web, HTTP is no longer considered sufficiently secure for modern web use and is being forcibly phased out.
HTTPS is the modern replacement, with the additional acronymised ‘s’ standing for secure. HTTPS establishes an encrypted connection between a web browser and server, ensuring that data transfers cannot be interfered with by third parties. The people for whom this is of utmost concern are those running ecommerce stores and platforms, with online payment gateways and contact forms notorious for being easy access points for hackers.
Implications for Google’s userThere are two major repercussions that this latest security push from Google will have. Firstly, for the individuals who form the estimated 2 billion total Chrome users, website security is going to become a lot more transparent. Any time you land on a page that does not have an SSL certificate, you will be notified by a small pop-up appearing in the left-hand side of the browser bar. This is expected to have a critical impact on the perceived level of trust a visitor puts in a site, and their willingness to return to it. For publishers, this loss in confidence in a non-secure site could lose serious traffic. However, they will have a further problem to contend with: Google has also outlined that sites operating without HTTPS will experience a universal drop down the SERP rankings, ultimately causing them to lose visibility too.
How to check you are protected and what to do if you’re not
Given the severity of this two-fold backlash, it is looking increasingly likely that all sites will have to ensure they are suitably certified in the coming months. So how do you get started? The first thing you need to check is that your site is using a dedicated IP address, which may depend on the kind of web hosting plan you are on. Some of the smaller, cheaper hosting options will have assigned a shared IP, but this is dangerous as it forces you to share the security practices and reputation of all other holders of your IP address
Once you have your dedicated IP, you are able to purchase an SSL certificate. This acts as an identifying document for your website, seen as a very long series of letters or numbers that only your website knows, a bit like a password. There are a number of SSL service providers out there from whom you can purchase an annual certificate contract, such as these deals from 1&1. From here, it’s a fairly simple process of simply activating your certificate and updating your website.
Having HTTPS protocol running on a site will increasingly become one of the foremost concerns for the Google search engine, site visitors and also webmasters. As the online community strengthens against hacking and privacy concerns, its best to take action sooner rather than later.