Blog | Technology

Time to Switch to HTTPS

September 12, 2021

|
Giant padlock next to a circuit board with blue sky on the background

Have you made the change to HTTPS? If not, it’s time that you do. Google is making it less and less desirable to have a plain old HTTP site, encouraging security and privacy for all.

 

Google updates for HTTPS 

For some time now, Google has been saying that it considers HTTPS as a metric for determining for page ranking, giving preference to HTTPS pages over HTTP pages. That means, all things being equal, a page using the HTTPS protocol will rank higher on Google rankings than a page unsecured with only an HTTP protocol.

But another change is that the Google Chrome web browser has started displaying an error page with a warning in the address bar that the visitor is on an insecure site. Chrome already does this for pages that have an incorrectly configured SSL certificate.

This is what this error looks like in action:

your-connection-is-not-private-error-in-google-chromeCourtesy of BiteByteBit

Pretty scary looking, huh? This is definitely not ideal if you plan on building a sense of trust with your donors or association members!

 

Why you need to make the change

So do you need to make the pivot from HTTP to HTTPS? If that error message alone didn't sway you, we have some additional reasons. We say “yes,” for all of these reasons.

  1. You will be protecting your users. If you are transferring personal information on a page, it is a must. It provides critical security and data integrity for your website and for your users who are exchanging data on that website. But even those pages which do not promote an exchange of information are vulnerable to intruders, who can see what and who is browsing your site.
  2. You will be protecting the integrity of your website. HTTPS protects your site from intruders.

    For instance, here are some of the benefits from Google as to why having a secure site matters:
“Intruders exploit unprotected communications to trick your users into giving up sensitive information or installing malware, or to insert their own advertisements into your resources. For example, some third parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities."
“Intruders exploit every unprotected resource that travels between your websites and your users. Images, cookies, scripts, HTML … they’re all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP, just to name a few.” 
  1. You will be protecting your SEO. Again, Google has given preference to HTTPS sites. Make sure you’re doing the best for your organization by protecting your Google ranking. While Google will attempt to load an HTTPS version of your site by default, if it's still on HTTP, you may be sacrificing your page ranking.

Does your tech support your mission?