2017, time to secure your website with SSL

Google are now showing its users a ‘Not secure’ message if a website domain is not protected with an SSL certificate.

As Google Partners, we follow Google and other search engines very closely. Not only to better understand how to optimise our clients’ websites for search engine rankings, but because search engines promote (and reward) good user experience (UX) and security best practices; which are equally as important to it’s users.

SSL, or Secure Sockets Layer encryption, has been around for over a decade and is prevalent in websites where money is exchanged. In 2014, Google said they would start using “HTTPS as a ranking signal” and will actively promote and reward secured websites over non-secured websites in their ranking algorithms.

The game changer in 2017 is that Google’s latest browser (Chrome 56) is beginning to “mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.”

Google's treatment of HTTP pages without SSL short term

Google's treatment of HTTP pages without SSL longer term

Remember a couple of years ago when Google started displaying a little Smartphone icon in front of each search result (later replaced by “mobile-friendly”) when viewing on a mobile device, to indicate if a website was mobile-friendly? This added yet another dimension to how users selected a search result over and above the websites ranking and content relevance. Google indicating whether a website is secured (or not) has huge potential to impact on the user’s decision to click/tap the search result, let alone buy a product or sending personal details when on your website.

mobile friendly website in google search result

Moz’s findings show that Google’s SSL algorithms changes have clearly had an effect on website providers adopting SSL, but what’s important to recognise is that just as mobile-friendly websites became the norm, so will SSL and HTTPS with a little help/shove from Google.

Often when people talk about UX, they wrongly think about their website in isolation, rather than the wider ‘user journey’, which in many cases start with Search. As SEO experts we need to think not only about the technical KPI’s Google look at when assessing a website, but also the users perception of a result, i.e. is it mobile-friendly? Is it secure?

Encrypting data transferred over a website domain should be a given when you think about how highly users value their privacy and security of information, and how hard brands work to earn trust with their customers. It can mean the difference between someone visiting your website in the first place, or choosing to buy or fill out an enquiry form when they reach the website.

There are a number of considerations when purchasing your SSL certificates and actions that need to be performed to correctly install SSL; such as selecting the level of SSL certificate for your needs, configuring your website to work with HTTPS and ensuring search engines and reporting tools such as Google Analytics and Google Search Console are aligned with the changes.

Levels of SSL protection

Need help? Get in touch with our team of Google Partners and website specialists and we’ll help you choose the right certificates, source them from a reputable supplier and ensure the SSL certificates are installed correctly.

Sources:

https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
https://moz.com/blog/https-tops-30-how-google-is-winning-the-long-war