Why Google is Forcing You to Get an SSL Certificate for Your Website

Brinard SweetingDigital, Insights

Starting July 2018 with Google Chrome’s latest update ‘Chrome 68’, Google announced that it would be serving all website visitors to sites that don’t have an SSL certificate installed i.e. ‘https’ with a Not Secure warning in the browser:

Chrome 68's Not Secure Error Message

Chrome 68’s Not Secure Error Message

Meaning, all that sweet incoming traffic coming into your website that could potentially be new business, customer inquiries, warm leads, eCommerce purchases, etc. will now see your business’ digital storefront slapped with a big ole’ Not Secure warning, which will likely prompt them to make a reflex decision to bounce.

For the past several years, Google—being the world’s most-used web browser—has allowed websites to get away with not being secure by encrypting its data using SSL certificates. Now, as of late, the search engine giant has been giving a significant increase in search rankings for all sites who do have one (https) over those that don’t (http).

Insecure Website Browser Warning

Why this is a GOOD and BAD thing for your business

So let’s say you’re in the shipping & logistics business. You have your business’ website and your top competitor’s site appear in search results from an international agency looking for strategic marine logistics partner to handle some cargo. In this scenario, whomever has better SEO would win right? Wrong!

Your SEO strategy and content performance could be stellar, but after July 1st, if your website isn’t SSL secured, Google is de-prioritizing it in search results.

What a 'secure' website badge looks like in your address bar

What a ‘secure’ website badge looks like in your address bar

“But wait, what is SSL and why do I need it so much?”

SSL stands for Secure Sockets Layer, a global standard security technology that enables encrypted communication between a web browser and a web server. It is utilized by millions of online businesses and individuals to decrease the risk of sensitive information (e.g., credit card numbers, usernames, passwords, emails, etc.) from being stolen or tampered with by hackers and identity thieves. In essence, SSL allows for a private transactions just between the two intended parties.

To create this secure connection, an SSL certificate (also referred to as a “digital certificate”) is installed on a web server and serves two functions:

  • It authenticates the identity of the website (this guarantees visitors that they’re not on a bogus site)
  • It encrypts the data that’s being transmitted

How to get an SSL certificate?

You need to get one from a trusted Certificate Authority. There are many providers and sellers of SSL certificates, top among them are:

  • GoDaddy
  • VeriSign
  • DigiCert
  • Comodo
  • Symantec
  • GeoTrust

SSL Options

Depending on what kind of business you operate, there are different levels of SSL, and you need them for each domain you have. Key among them are: Domain Validated SSL, Organization Validated SSL and Extended Validation SSL. For most uses, a DV (domain validated) is sufficient enough. For eCommerce, OV and EV are recommended.

If you operate a single business website and then a separate website for your eCommerce store: yourcompany.com and store.yourcompany.com — your best bet is to purchase a Wildcard SSL that’ll cover multiple subdomains. That’ll make your annual SSL renewal process easier.

Types of SSL Certificates

Yes, SSLs do have a price (security isn’t free!) but there is a recent provider that has swept the internet who issues them for free: Let’s Encrypt Authority.

Let’s Encrypt is a free, automated, and open Certificate Authority run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). They give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. They do this because they want to create a more secure and privacy-respecting Web.

Let's Encrypt

You can learn more about how it works here: https://letsencrypt.org/how-it-works/

Of course, if you need any assistance with the acquiring and implementing SSL on your website, our team is always more than happy to assist. You can click here to send us a message with your needs.

Now go get secured!