A few months ago, Google gave the SEO community a freebie when they told the public they would be giving SEO boosts to sites that use HTTP Secure or HTTPS for short. When added to a site, the technology prevents wiretapping and man-in-the-middle attacks, greatly increasing the overall security of the web. However, some SEO experts have told clients to hold off on making the switch, suggesting it’s not worth the effort for the boost. We believe that regardless of the effort required, websites of all sizes should begin making the move to HTTPS and the best reasons have nothing to do with the Google incentive.
To briefly explain, HTTPS adds a layer of security on top of the traditional SSL/TLS protocols that are traditionally used for security on certain servers. This armor on top of armor works to ensure that server the browser is trying to reach is valid and that the data from the session can’t be intercepted or decrypted. In a world concerned about spying from government agencies and hackers, the adoption rate of HTTPS has been slow. HTTPS Pulse, an organization devoted to spreading the tech, estimates that only 23.9 percent of the most popular sites use HTTPS in some form and less than 1 percent use them in the optimal way.
One reason for the low implementation rate is the fact that HTTPS isn’t exactly easy to implement on a site. Since, Google considers the HTTP and HTTPS versions of a site to be two completely different sites in their search engine, a website admin has to add their SSL site as a completely new site. Besides being time consuming, this creates canonical issues where page ranks will suffer unless redirects are properly set up. This also involves a deindexing process, which involves removing non-secure pages during the transition. Once the effort has been completed, search engines will know to index the new secure pages.
It’s important to stress that when done properly, switching from HTTP to HTTPS shouldn’t hurt SEO. However, the SEO benefit is light. Google has said they are using HTTPS as “very lightweight signal—affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content.”
Some have argued that this small SEO boost isn’t worth the effort, especially for larger sites, but they are missing the point. In essence, Google is giving sites an SEO benefit for doing something they need to do anyway. In a way, it’s a little like the Y2K crisis (I know I’m showing my age). Businesses needed to update their computer systems to become Y2K compliant. And even though it was costly and difficult, businesses of every size did what needed to be done because the potential harm to their business was too great.
Similarly, business owners today need to bite the bullet and update their sites with SSL and HTTPS. Just because there isn’t a Y2K-level hype about the security vulnerabilities on their site doesn’t make the danger any less real.
Size and age of a site can add to the difficulties in making the switch, but in fact, it’s these are the site that need to make the switch most of all. An ecommerce site with significant amounts of traffic but out-to-date security is a prime target for cybercriminals. It’s like having a big pile of money guarded only by a sleepy security old man.
When deciding if it’s worth the effort, business owners need to put themselves in the minds of the consumers. Imagine getting a letter from your bank saying they wouldn’t be updating their websites or apps with the best security features because they felt it was too expensive for a bank their size. You’d most likely stop using their online products, if not switch to a different bank entirely.
Online retailers risk the same when they choose to wait to make the switch to HTTPS on their site. It is inevitable that some customers will choose not to shop on that site because of the lax security. And as news reports make average consumers more aware of tech security issues, the greater the potential loss in revenue.
Long story short, it’s worth any effort or price to make a site trustworthy to online users and ecommerce sites need to make the switch most of all. HTTPS makes consumers feel more secure using the site, it gives the site an SEO boost, and it protects the site from costly and embarrassing security breaches. And there’s no reason to wait for benefits like that.
For more ways to make a site more consumer-friendly, read this article about Google’s newest mobile site tool.