When it comes to deciding whether to take a site secure or not, many webmasters with content sites argue that there is no need for them to go to the expense of making their site secure, since they do not collect any kind of personal data.
Google on the other hand has been a strong advocate for “secure all the things” regardless of what type of site it may be.
During a recent Google Webmaster English/Hindi Hangout, the question of secure search came up, and Syed Mairaj from Google, one of the regular hosts of the English/Hindi hangout along with Aaseesh Marina, gave a very compelling argument for why all sites should go secure, even if they are not collecting information from their visitors, in response to a media company that did not see the benefit of going HTTPS for this reason.
Mairaj comments detailed exactly why HTTPS is so important, but from a perspective we don’t often consider and he got the point across brilliantly. We often hear about security from data collection, such as with online purchases, but seldom why it is just as important for sites don’t collect personal data to do it too. And it definitely puts perspective onto content sites and why it is important for them to go secure, even if they don’t collect personal information or sell anything.
The problem with HTTP is that it is not just about user data or login information or account information or that it is only applicable to ecommerce type websites. The problem is when the traffic is on HTTP and not secure then anybody can intercept the traffic and read the data.
For example, if I am using a lot of non-HTTPS websites then if somebody could hack into my router or hack into my network then they will know the entire activity of what I did throughout the entire day, what websites I saw and what articles I read. And things like those.
So it is not just about user data residing on your website but it is about the traffic as well.
HTTPS basically is applicable to all types of websites, be it just a blog or an ecommerce website or an interactive tool or whatever.
While many webmasters are aware of the “data interception” issue with HTTP, this definitely puts it into perspective about just how much data a non-secure site could leak about a user due to a visit on a HTTP site…. essentially a complete browser history list from every non-HTTPS site visited.
This was said in response to someone commenting that they were only a media company, not an ecommerce site, and he couldn’t see the benefit of actually going to HTTPS, especially with the work to implement it.
Mairaj also spoke about why we are seeing more sites going to HTTPS.
I think what we are seeing is that people are moving towards being more secure online and I think the HTTPS thing will catch up and going forward we are going to see more and more HTTPS versions of websites than HTTP sites because of course it is secure and there’s also some things about that it is not fast enough as HTTP and that there may be some latency issues and stuff.
But I think that is not the case, the technology has evolved very much and as far as Google ranking goes, that definitely is one of the signals we look at, of the 200+ signals that we have. Because it is important for us as well to provide a safe user experience on Google search to our users. That is why we have started considering HTTPS as one of the signals.
So i think you should definitely consider moving to HTTPS, it doesn’t matter if your competitors or other people in the space are doing it or not. What I really think is that eventually everyone will be moving to HTTPS. It is not just about business as users, I am sure users will appreciate it because they feel secure and they feel safe while they are browsing on your website.
We already know that Google plans to make the HTTPS ranking signal stronger, and with both Chrome and Firefox making changes for unsecure sites, we are definitely seeing signs in the industry that HTTPS will be an important factor going forward.
Latest posts by Jennifer Slegg (see all)
- Google Adds Rich Results Report to Search Analytics in Search Console - June 24, 2016
- Google Launches New Local Ads-Pack for Local Businesses, Above 3-Pack - June 23, 2016
- Google Analytics Expands Hacked Site Alerts for Webmasters - June 22, 2016
- New AMP Validator for Web & Chrome Extension - June 22, 2016
- Don’t Make All Content Q&A For Google’s Featured Snippets - June 21, 2016