If you are an auto repair shop owner, you probably aren't very concerned with encrypting a website that contains your logo, address, and business hours.
At first glance, it seems like overkill to encrypt a website that doesn't contain any sensitive information. Visitors to your site don't need to enter a password, and they won't be entering their Social Security Number.
This article will list the primary benefits of encrypting your website, regardless of its content, and how doing so could have a positive impact on your business.
What is web security?
Web pages can be sent over the internet in either plain text, using HTTP (Hyper Text Transfer Protocol), or encrypted (HTTPs).
If encrypted, they are sent over the transport layer using TLS (Transport Layer Security), commonly referred to as SSL (Secure Sockets Layer).
HTTPs by default
The web gods have handed down the law, and they are beginning to implement TLS by default. This means that (eventually) everything on the web will be secure.
For example: After more than 15 years, the way that web pages get transported over the internet (HTTP) is finally getting a makeover (HTTP/2), and this new, faster version of HTTP will only work on a secure connection.
For now, as the transition is taking place, and while everyone else catches up, this gives you a chance to get a leg up on the competition.
Better SEO ranking
Back in 2014, Google announced that a secure website would earn you a +1 in search ranking.
For the present, this ranking factor is minor, but we fully expect it to have a significant impact in the near future.
Avoid browser warnings
Take this scary screenshot from Google Chrome as an example:
As we make the move to a secure web, security warnings such as these will become increasingly more common.
If you're serving your site over HTTP, the chances of your visitors seeing a warning such as this increase with each passing day — and if they see this warning, you can be sure they're hitting the back button. And that's definitely bad for business.
Prevent content injection
Your website has a long way to travel – and passes through many different networks – as it makes its way from source to destination. Anywhere along that path, an insecure web page is vulnerable to being intercepted and altered.
Content injection is a lot more common than you may think. For example, there are any number of networks who will take the liberty of injecting ads into a web page just for the privilege of passing through its network.
- Here's an example of AT&T injecting ads into pages passing through one of their wi-fi hotspots.
- Here's another example of Comcast doing the same thing.
Okay, I'm convinced. Where do you get this SSL stuff?
First, test that your site is meeting minimum security recommendations by running it through the Qualys SSL-Labs Online Server Test.
If things look okay, great! If not, Cloudflare SSL is a TLS proxying service that is a good place to start. It's top notch and 100% free.
Tell us what you think
Please sound off in the com-box with any feedback — we're all ears.
To success — yours, and ours!