“It’s time you encrypt” – Yours truly, Google
All communication should be secure by default. That’s what Google has been urging for some time now. They finally seem to have taken a step to ensure that as well. Last week at Enigma Conf 2016, an engineer from CloudFlare showed the potential manifestation of a Chromium proposal which wants to have insecure content marked as such by default; displaying a red “x” over a padlock in the URL bar.
It’s an aggressive step, and tech experts and companies have lauded it, terming it as very pro consumer. Now, is it really that good an idea? Let’s find out.
Calling out HTTP
“Despite how common plain HTTP can still be today, it *is* outright insecure, and a real and present danger to users and to the open web.”
Eric Mill, a technologist who’s been working on web encryption, told Motherboard.
It is true; websites shared over HTTP are vulnerable to eavesdropping and snooping, thus posing an immense danger to the open web. Converting these websites to HTTPS gives us the 3-fold advantage of authentication, data integrity and encryption. In layman terms, it will not just protect data; it will also ensure that users are not redirected to impostor sites.
Parisa Tabriz, Manager Google Security Engineering Team
Whatever Google Wants
Let’s face it. For all intents and purposes, Search Engine = Google. It may be a sad truth. But it is what it is, the truth. Google has been known to treat secure sites more favourably, and now with Chrome hinting at outright marking insecure sites, there is a chance that their next search algorithm update might place more emphasis on security signals.
What does it mean for marketers?
The urge to encrypt all sites is apparently not from Google alone. A number of organizations who see faults in the way the Internet currently operates have joined forces, backing the “Encrypt All the Things” campaign, which calls for more network and data protection from unauthorized surveillance.
It actually makes sense. Privacy is no more about just e-commerce sites or banks. Most sites are not brochures or showcase any more; most sites have functionality these days. Our lives have moved digital. We use the internet as a channel for our public and private conversations. One doesn’t really need to actively hack us to know our passwords, most of the times, listening to our conversations can reveal most of it. And with Chrome, one of the most popular browsers marking non encrypted sites scarlet, you don’t want your site to be questioned of its credibility. So, it’s likely that all sites will follow the bandwagon soon.
How soon do we have to shift to HTTPS?
For small sites, it’s a no brainer, they should, ASAP. But for heavier sites, it might be wise to wait till the Google Penguin 4 to launch (possibly by this month), and see what it has in store for non encrypted sites, to decide accordingly. But as responsible web citizens, we should definitely start thinking about it.
Capital Numbers’ SEO Services is designed to address search engine algorithms of all main search engines. To know more about the best practices, visit https://www.capitalnumbers.com/seo.php