The past few years have been a worrisome time for people concerned about internet security. Governments, companies and cyber criminals have gone to extremes to get information on everyday people based on their activities on the web. Consumers are often helpless because many sites don’t use adequate security measures. Google has made an announcement that will encourage more website owners to adopt up-to-date security features. Google said will give an SEO boost to websites that use HTTPS.
Adding an encryption ranking to search algorithms was first mentioned by Matt Cutts back in April. The recent announcement is the result of testing that shows adding such a ranking has a positive effect.
“Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default,” wrote Zineb Ait Bahajji and Gary Illyes, Webmaster Trends Analysts for Google, in a blog post announcing the change. “Beyond our own stuff, we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure.”
Giving an SEO boost to pages that use HTTPS, however small the boost, will encourage more website owners to ensure their sites are using the best security practices. This is important to the overall security of the internet. As was seen in last week’s revelation about Russian cybercriminals, sloppy websites that don’t keep up with security technology make easy targets for people looking for weak systems to exploit.
As a review, HTTPS stands for Hypertext Transfer Protocol Secure. It’s a layer of traditional HTTP on top of the SSL/TLS protocol. This adds the security capabilities of SSL/TLS to standard HTTP communications. A major benefit of this is that it prevents wiretapping and man-in-the-middle attacks.
Besides HTTPS protocols, Google gave several other best practices for webmasters to follow. Noting that more official guidelines would be produced in the future, the blog post also suggested:
Using 2048-bit key certificates
Using relative URLs for resources that reside on the same secure domain and protocol relative URLs for all other domains
Proper use of site redirects for changes in domain
Not blocking an HTTPS site from crawling using robots.txt
Allowing search engines to index pages possible. They also suggest that website owners avoid using the noindex robots meta tag.
It’s important to note for the time being, Google is only using these security features as lightweight ranking factors. Webmasters may get a boost from using HTTPS, but it won’t outweigh things such as high-quality content. However, the value of HTTPS for ranking may increase in the future.
“For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS,” Bahajji and Illyes wrote.
It’s unusual for Google to directly tell webmasters something they can do to boost their SEO, which indicates how strongly Google wants websites around the world to adopt HTTPS.
As with all security features, business owners will need to keep up with updates, otherwise, their systems may be vulnerable in the future. The Heart Bleed vulnerability of SSL, that gained widespread attention earlier, this year was worsened by the fact that many website that had SSL hadn’t applied the update that would’ve fixed the issue.
Business owners should also not be satisfied with HTTPS alone. Whenever possible, website owners should use multiple security features. That way, if one layer of security fails, the other other layers can prevent data loss. This has become all the more important that Google has encouraged everyone to use HTTPS. As the number of valuable targets with HTTP declines, cyber thieves will turn their attention to finding vulnerabilities in HTTPS sites.
Google’s SEO boost for sites that uses good security is a gift to website owners, who are getting a benefit for doing something they should have in the first place.