Is your website about to be flagged as unsecure?

As of this month, Google Chrome will be red flagging websites that do not have an SSL certificate as unsecured, in the browser address bar like the picture above. For sites that do not have any data collection features such as contact forms, they will be flagged in grey to let users know that the site isn’t private. Where Google go, others tend to follow and given Chrome’s market dominance (56% as of December 2016) we are advising our clients without an SSL certificate to act. Not doing so could have an impact on user’s perception of your site will almost certainly impact on the number of people using it.

What is an SSL?

In a nutshell, an SSL certificate signals to the user that the data being transmitted between their computer and the website’s server is secure. You can see it in the address bar when you go to certain sites, especially ones that may contain financial or personal data such as  https://facebook.com or https://asos.com. These sites are interesting to hackers for various nefarious reasons, credit card information or personal pictures could be exploited easily and unfortunately, there is a fertile market for both.

How do they work?

The Secure Sockets Layer (SSL) – offer the protection of data between the computer it is entered on and the server where a site is located i.e. it’s much harder for hackers to steal the data whilst it’s in transit. Data is secured meaning the vulnerability of a website to a hacker is greatly diminished.

Why you need to act if your site is currently unsecured

A few reasons, which are both important. Firstly, Google started penalising Search Engine Results Pages as far back as 2014 for non-secure sites which mean a lower SEO score and a decreased digital footprint.

However, more fundamentally, the red flag is a bit like a road sign that says ‘There were five fatalities on this road in 2016’. One’s behaviour as a driver will alter accordingly, we can see the behaviour of a web user changing in the same way; the message is clear — you have been warned.

Secure sites, on the other hand, are flagged to the user in green as secure and ‘safe’.

What if my site does not collect any personal or financial information?

Prior to the recent announcement, our position would have been not to worry too much about an SSL certificate. Coupled with this and Google Chrome’s dominance in the browser marketplace our position has changed.

For some users ‘the web’ can be synonymous with the service they are using. If that service is owned by Google for searching AND browsing the web, we can see why they want to protect web users and website owners from hackers.

From our perspective, we want our clients to drive as much quality traffic to their site as possible and for the user to have the right impression when they get there. Anything that could affect this needs to be flagged, our strong recommendation is that all websites regardless of whether they collect personal data or not now need an SSL certificate.

How can I get an SSL certificate?

In the first instance talk to the people who manage your website. The cost of a certificate has reduced greatly, in line with the number of companies who are now installing them. We would recommend that this is done sooner rather than later as Google have signalled that search rankings and the red flags associated with non-secure sites will decrease and increase respectively over the next 12 months.

Share this article

View case studies

  • Stay current with our latest insights, thoughts and news.

    If you would like the latest in thought leadership please enter your details below.

    Your data won’t be shared and we won’t bombard you, as we know how annoying that can be too.

    I want to hear about: