Google announced in February this year changes in the way they interpret website security from July 2018. We are encouraging all business owners to make sure they are ready. This article will give you everything you need to know about the upcoming Google SSL changes.
For quite some time now Google has been trying to encourage webmasters and developers to ensure that their websites are secure by using SSL (Secure Sockets Layer) encryption. This is to ensure that the information transfer between a desktop or mobile devices and website servers is secure from hackers.
Historically, a lot of site owners have chosen not to go down this route because of the added cost. Not long ago purchasing and updating SSL Certificates for their sites seemed expensive. The Google SSL changes to take effect soon will mean that if your site is not secured your website may be penalised.
From July rather than telling Chrome users when a website is secure, instead, they will make the assumption that all websites have SSL encryption in place. The reason they are doing this is by their own words to ‘move towards a more secure web’. Basically, they want to make sure that your user’s data isn’t falling into the wrong hands.
SSL is a data security standard created to protect the transfer of data between web browsers and web servers.
SSL encryption is enabled by placing a ‘certificate’ on your web server that then generates cryptographic keys. These keys are then used to verify the security of your website and enable data encryption. Once this is verified then the browser ‘knows’ to encrypt any data before it is sent to the web server.
What do the Google SSL changes mean?
At the moment when you navigate to a website in Chrome, you see a padlock icon in the navigation bar. This indicates that SSL encryption is enabled on the site. If a websites SSL certificate has expired then you may be sent to a screen with a warning. If your website is not secure then no warning is given.
From July Google SSL changes will mean a change in how it handles this information. The Chrome browser will now no longer tell you if a website is secure because the expectation is all websites are secure.
Instead, they are essentially warning users away from websites that are not secure. Not only this but not having SSL encryption may impact your SEO performance. What could be even worse? Some eCommerce payment gateways will no longer work on sites that do not encrypt their customer’s data.
All of this means that if you are running a successful website today that doesn’t have SSL encryption, then from July you may see a big drop off in traffic, customers and conversions.
How do you know if your site is secure?
The easiest way to know if your website is secure is to navigate to it on Chrome and look to see if your site says HTTP or HTTPS in the navigation bar. If the page says HTTPS then it means that page is secure.
But this doesn’t mean your whole site is secure. You could check every single page on your site, which is fine if you only have a small website. But it isn’t really practical for larger sites.
The best way to check this is to speak to your website administrator or your web host. They should be able to let you know.
How do you fix a non-secure site?
If you find that your website is not secure then make contact with your website’s administrator and ask them to make it secure. The price of SSL certificates is a lot cheaper now than just a few years ago and implementing encryption is something the person managing your website should be able to help you with.
If your website is self-managed then have a chat with your web host and they should be able to steer you in the right path.
There is good news for users of some mainstream content management systems such as Wix as these providers will often include an SSL certificate as part of your annual subscription cost.
If you’re not sure about any of this, then speak to your hosting provider today.
Looking for more tips on how to build a great website? Check out our advice here: What Is ‘Too Artsy’ When It Comes To Websites?