Google has been on a mission to spread the use of HTTPS, especially for business websites. Last year it began giving a slight SEO boost to HTTPS pages in its free organic search listings. Now Google is taking a much more visible step that will hurt your business website lead generation and sales if you don’t take action. This is especially important if you are paying for leads with Google AdWords or other PPC channels.
*** UPDATE (7/26/2018): As of July 2018 the Google Chrome will mark all HTTP pages as “not secure”. See Google’s announcement.
What is HTTPS?
From Google’s help article:
HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site. Users expect a secure and private online experience when using a website. We encourage you to adopt HTTPS in order to protect your users’ connection to your website, regardless of the content on the site.
It provides several strong layers of data security compared to the usual HTTP protocol.
Why does Google want business websites to use HTTPS?
If we look at it selflessly, Google would like to promote more secure and trustworthy online experiences for all. And what non-spammer, non-hacker internet user wouldn’t want that?
If we look at it selfishly, always remember that the vast majority of Google’s revenue comes from selling ad clicks. If users don’t trust the advertiser sites they visit and fail to “convert” (submit a form, make a purchase, etc.), then advertisers won’t keep paying Google for these visitors. Plus using an SSL certificate (necessary for HTTPS) requires that a business proves that it is who it claims to be. So requiring HTTPS helps Google’s business by A) preventing advertisers from shooting themselves in the foot with untrustworthy web pages and b) helping to reduce suspicious advertising activity.
What is Google doing now to further motivate adoption of HTTPS?
Google Chrome is the browser of choice for over half of the world’s internet users (source). Starting in October 2017, the latest Google Chrome browser will show a visible “Not secure” warning in the URL field when a user starts to enter data on a page doesn’t use HTTPS. It will look something like this:
Think this might make your site visitors feel a bit less likely to want to continue? Google thinks it will. So do I.
Here is the official Google post regarding these HTTPS changes.
What should you do?
Enable HTTPS for your full business website!
Yes, this pending Chrome change will only affect website pages that contain forms, so you could take steps to serve only those pages with HTTPS. But I’d encourage you to think “big picture”.
It’s generally just as easy (often easier) to secure an entire website with HTTPS compared to changing just a few target pages. Plus, as mentioned above, Google is currently giving an additional rankings boost to all HTTPS webpages in the free organic listings. Plus, in Google’s post linked above, they state “Eventually, we plan to show the “Not secure” warning for all HTTP pages.” Plus, having a more secure and trustworthy website will have only positive long-term business benefits. Do you need any more plusses?
Within a few years it’s likely that nearly all business websites will use only HTTPS, so here’s your chance to get ahead of the game.
How do you enable HTTPS for a website?
There are a few steps:
- Purchase and install an appropriate SSL certificate for your website(s). Some hosting providers offer a basic SSL certificate for free, and that’s sufficient for most businesses. You might also need to get a dedicated IP. You can also purchase SSL certificates from 3rd party sources (often for lower cost) and then upload them to your hosting account. Ask your hosting provider about all this.
- Change your website settings to always load pages using HTTPS. There are a variety of ways of achieving this depending on your website platform. You’ll also need to ensure that individual elements that might load on some pages are loading using HTTPS.
- Create a new Google Search Console property and submit a new site map. Formerly known as “Webmaster Tools”, Google Search Console is vital for any business website to verify that your website is being optimally indexed and displayed by search engines. Search Console views an HTTPS site as a completely separate entity from an HTTP site due to the different URL, so you’ll need to create a new Search Console property to go along with the HTTPS move. Then also submit a new site map to speed up the re-indexing of your new site.
Here is the complete HTTPS guidance from Google.
Now go upgrade your business website to use HTTPS, give your prospects more confidence, and help make the internet a better place!