Let's face it, you barely understand coding, but you need to ask these questions of your developer to ensure your website security is up to date.
We all panicked during the NHS hack earlier this year, thinking ‘could it be us?’ It was the same at Thrive, after all, we build and maintain a number of clients’ websites - we need to make sure we’re at the cutting edge of web security.
Indeed, it brought to our attention just how few businesses and individuals REALLY understand what it means to have a ‘secure website’, which is why we wanted to explain the basics.
Of course, if you have further questions, don’t hesitate to get in touch and we can offer advice and guidance.
Following the NHS hack, it became clear that organisations would need to think much more carefully about the security and protection of their website, apps, databases, email inboxes etc.
Google has also stepped in on the matter and has made changes to its algorithms to ensure that those websites that are seen to be secure get priority. They even warn visitors if websites don’t quite look ‘right’, giving you the option to back out of the website before you get to it. If your site is in this boat, we’re sure your visitor metrics will have taken a sharp nosedive during the year. We urge you to get in touch with us if you need to rectify a matter like this.
Let’s take a look at your two main priorities to secure your Google ranking - and your website…
What is HTTPS and why do I need it?
An acronym for Hypertext Transfer Protocol Secure (bear with me)... it is in laymen’s terms a protocol that your website will follow to ensure communications are encrypted whilst over a network such as the internet. If communications are encrypted, then hackers and their shady pals cannot access your data - or tamper with it (hack your website).
What is SSL and why do I need it?
Another acronym, this time for Secure Socket Layer*, this is another protocol to ensure encrypted communications across computer networks. To encrypt this data, the website owner (or developer on your behalf, depending on your contract) will purchase an SSL certificate which includes an encryption key to be placed on the server.
* Often also used with the term TLS - Transport Layer Security - both do the same job.
When it comes to the costs of an SSL certificate, this should have been discussed with your developer, agency or IT support - whoever provides/manages your website hosting. They will have purchased one of three certificate options, which should be right based on your needs.
Why does Google want me to make these changes now?
Google warned as far back as 2014 that HTTPS would be considered a positive factor in your ranking in search results. It further added to this in January 2017 when they rolled out a change to the way results are displayed.
Now they are showing the security connection in the address bar, as part of wider plans to mark all HTTP pages unsecured.
This is where the new holding page displaying a ‘warning’ about HTTP websites is coming in. as with most cautious web users, most people will avoid a website that Google recommends as being a ‘risk’ - which is why it’s crucial to sort your website security ASAP.
This rule only applies to websites that display a password and/or Credit Card field, but In future months, they’re promising to extend this to websites with a contact form. That’s virtually every website on the WWW.
What do I need to do first?
Speak with your website hosting provider. Clarify that you have a HTTPS website and the appropriate SSL certificate in place.
Ask questions about their plans to maintain your website security and don’t be afraid to ask other reputable developers or agencies for their advice.
Not reassured? Speak to other businesses - can they make a recommendation? Often the best recommendations come from people you trust, after all.
Barclays recently unveiled their festive digital campaign warning customers about how to shop safely online.
If you'd like to speak to Thrive about your website security, we're also happy to help.
Find more like this via Website Design.