Google's new approach to website security
Google has always pushed for a more secure web, and as of January next year they'll be upping the game by starting to make Chrome, their web browser, flag non-secure websites to all users.
To start with, this will just affect pages which contain login forms or collect credit card numbers, but eventually all insecure HTTP webpages will be highlighted in such a way that makes them appear dangerous and to be avoided.
Image source: Googleblog.com
Obviously, having your visitors presented with a bright red warning symbol when they visit your site isn't what you want. New visitors are likely to bounce away immediately, and repeat/established users or customers are likely to have their trust and confidence in you undermined.
How to make your website secure with HTTPS
Thankfully, preventing this message from occurring is a relatively simple task, involving the purchase and installation of a Security Certificate. This switches the site from HTTP to HTTPS (the extra S quite appropriately stands for "Secure"), and means that all communication between a user's browser and the web server the website is hosted on is encrypted in transit, so that third parties (regardless of whether they are criminals or the government) cannot easily view the data you provide – including basic information about the pages on the site that you visit.
The benefits of a Security Certificate extend beyond just providing peace of mind to your visitors and preventing red exclamation marks popping up all over your site. Search engines are already penalising sites which are not secure, so getting one set up can prevent a negative hit to your SEO. Encrypting traffic between you and your users also helps to prevent data from falling into the wrong hands, and stops any potential attackers from simply listening in and obtaining login details and access to your website or system.
Types of Security Certificate
There are different Security Certificates available, which offer various benefits, but don’t worry – we’ve created a handy guide that shows the options available and the costs for each. In summary, they are:
- SuperHTTPS: A standard security certificate which protects a single website
- SuperHTTPS Plus: A standard security certificate which can be re-used on multiple systems that all share the same domain
- SuperHTTPS EV: A special "Extended Validation" security certificate which provides visitors with the assurance that you are who you say you are, as well as encrypting the data they provide. These certificates provide an enhanced "Green Bar" display within most browsers, increasing the level of trust your visitors are willing to provide.
- Find out more about available options
In addition to the purchase of the actual certificate, our Security Certificate packages all come with several benefits and additional services, including the initial setup of your website's server (including purchase of a second IP address where necessary), installation of the certificate, and the configuration of the website to use the new certificate. Our certificates are renewed on an annual basis, and we always make sure we renew them in enough time so there's no loss of service. We also work with you to ensure the secure version of the site is properly registered with search engines (using Google Search Console, for example). Finally, for SuperHTTPS EV certificates, we also guide you through any paperwork and manual steps, which are required as part of this more detailed verification process.
To get more information, ask any questions, or to start the process of getting your website updated with a security certificate, just get in touch or fill out the form below, and we’ll be happy to help.