Introduction to HTTPS

For those who don't know what SSL (more commonly known as the HTTPS protocol) is, it's a security transport layer used to encrypt data between your browser, and the website you are "speaking" to. You most commonly see it with eCommerce websites, where entering credit card information is considered sensitive. Though, 2014 alone, the adoption grew by 80%. This is because more and more people realize the importance of keeping their user's information secure, even if it's just as basic as filling out a contact form.

That been said, even today, most websites still run insecurely over HTTP, and that's mainly due to some miss conception like:

• "Isn't HTTPS slower?" - No, they are comparably the same.
• "Doesn't it cost a lot?" - No, today you can buy some pretty inexpensive certificates.
• "My website doesn't needs to be secure" - In the old days the rule of thumb was: if you have a form (e.g. login, contact us, etc), you should use it, but today things are changing and here is why you should consider it, even if you have a static site.

Protect Your Website

Do you remember playing with walkie-talkies when you were a kid? Remember how you could listen to other people's conversations because you were using the same frequency? HTTP is similar in the sense that hackers can "listen" to any data that gets transferred between your browser and the website. Thus, imagine logging in to your website, the username and password are sent over unsecure communication to the web server where anyone could potentially steal those credentials. This would give them the ability to login to your site, and have full access to your data. This hacking technique is commonly know as session hijacking, but that's just one of many examples, unfortunately. 

Protect Your User's Information

Not only is it crucial to protect your business's data, it is also your responsibility to protect your website visitor's information. Even if they are just submitting a contact form or posting a comment on a blog article, it's likely that someone out there would like to steal that users data. When it comes to Ecommerce, that kind of information is most attractive to hackers, so make sure the website design firm you are working with has a robust testing process and uses a platform with a good security related track record. Using SSL, is definitely not a fix it all solution however, it dramatically increases the complexity for hackers to gain access to information. 

Search Engine Ranking

In 2014 Google announced that they will be adding HTTPS as one of their search engine ranking factors, in order to promote security among the web community. Their logic makes sense, after all, a website that is secure is a better search result than one that isn't, right? Google called it HTTPS Everywhere. Don't let your ranking be affected!

Browsers will Mark You as Insecure

Both Google and Firefox will be marking non HTTPS sites as dubious first, and then insecure. That means, your potential customers will see a yellow "dubious" triangle first, and then an "insecure" Red X page. Be prepared and switch now, as your website users might deem your brand untrustworthy. Obviously, this kind of perception could dramatically effect your bottom line.

Conclusion

Can you you imagine the negative impact a website security breach could have on your business? Target, one of the worlds largest brands, they had spent decades building brand equity, only to watch their profits plummet by $440M after it's recent data breach. SSL is the future of the web, and it's our hope that sooner rather than later we will see the majority of websites adopt this standard. At Herosmyth, we strongly believe in giving our clients the best, that standard goes beyond great design and usability to include SSL level security for every website we launch.