Situation: Chrome will mark all websites that are not encrypted with a secure connection as “not secure.”
Our point of view:
Why is Google labeling certain websites as “not secure”? According to Google’s blog, unencrypted HTTP sites will be labeled as “not secure” in an effort to tighten internet security and motivate website owners to prioritize the security of their users. More and more personal information, like passwords and credit card numbers, are being used on the internet. Thus, protecting these sensitive assets has become extremely important.
This change was first announced two years ago. So far, it has been met with positive results. In 2016, only 37% of websites were on a secure connection. Now in 2018, that number has more than doubled, rising to 83%.
What does it mean when a website is “not secure”?
When a website is labeled as “not secure” that means that the website does not contain a basic security feature called SSL (Secure Sockets Layer). According to MOZ.com, SSL certificates are the standard technology that ensures all of the data is passed between the web server and browser. It also means that your connection to the website is not encrypted, so anyone on the network can view the information by clicking through your web browser.
For instance, let’s say you were using a computer at a library to pay bills on an unsecure website (which I would strongly discourage doing) and you got up to use the bathroom. While you were away, someone could get on to the computer, click the back button on your browser and be able to view any data that you have entered in, even your credit card information. Now, if that same browser was on a secure website, then the only thing he or she would see after clicking on the back button is a message that says, “The contents of this browser cannot be displayed.”
How can I determine if my website is secure or not?
This is actually very simple. If you are using Google Chrome, you will see a red “Not Secure” message pop up at the top left side of the browser, near the beginning of the URL (like in the image at the top of this page). If you are not using Google Chrome, the simplest way to know if your website is secure is to look at your URL. If the URL begins with “HTTP,” it is not secure. If it begins with “HTTPS,” then congratulations; you have a secure website.
How big of an impact will this have on the industry?
In the U.S., 60% of all desktop browsers already use Google Chrome. Incidentally, Firefox is working on a similar update. And if you add Firefox’s users to the same statistic, you will see that very soon, over 73% of desktop browsers in the U.S. will also see a message displayed noting if a website is unsecure.
What are the ramifications if my website is labeled “not secure”?
The ramifications for not securing your site could be dire. Users do not want to surf a “not secure” website and will more than likely leave your page when they see those red letters pop up. According to a survey of 1,506 consumers in the US, UK and Austrailia, 82% would not continue to browse a site that their browser indicated was not secure. And that’s not the only reason. According to Google’s Webmaster Blog, Google has stated that it will favor secure websites over not secure websites in SERPs. So, don’t be surprised when you see websites that do not take internet security seriously disappear from the first page of a Google search.
How do I make my website more secure?
- The first step is contacting your MMI representative to perform a website audit to help determine which type of certificate you will need and how many. Different SSL certificates are required if you host content on multiple platforms.
- After the audit is complete, MMI will recommend a project plan and timeline for the implementation of the new security measures to your website.
Keith Duncan | SEO Manager