As of January, 2017 website security for member log in websites and all websites that accept and/or store credit card information must be secure (HTTPS). Google will begin to penalize e-commerce and member-based websites if they are not secure.
Main difference between HTTP and HTTPS
HTTP is the protocol that allows the web server to communicate with a web browser. HTTP web data is transferred as plain text. Credit card numbers, passwords and social security numbers can be mined by hackers. Alternatively, HTTPS is not text based. Instead, HTTPS uses SSL (secure socket layer) and TLS (Transport Layer Security), data is encrypted and is impenetrable to the outside world. Another benefit of website security is faster page loads.
Website Security Increases Online Sales and Business Credibility
A 2014 survey by Global Sign indicated 85% of people who buy items online will only buy from websites they know are secure. Chrome and Firefox web browsers show a lock in the title bar on secure websites. The lock graphic assures the website is secure and the company is credible.
Google will begin flagging non secure websites that gather log in and or financial data with a red triangle “Not secure” warning. By adding the red triangle to non-secure websites, Google will effectively shut your website traffic off.
Have you seen a Google warning to stay out or “harm may come to your computer” on a website? As web developers, we know that these sites have been hacked. Even though they may already be cleaned, we still respect the warning and stay away. Often, if a site is hacked once, it will be targeted again. Similarly, the red triangle will be a digital stop sign.
Will Your Company Website be Affected?
Eventually all HTTP pages will be labeled as non-secure. Even if your small business website doesn’t collect member or financial data you’ll need to have website security. Hackers are becoming more sophisticated and even small websites with low traffic are targets.
Google has not released the date in which they will be marking all non HTTPS compliant websites as insecure. They have set January, 2017 as the date they will begin rolling out the penalties to websites that gather personal or financial information. We will share critical dates in emails.
How do you know if your website is part of this first phase?
Organizations and small business websites that accept payments online and websites with membership portals, are required to have website security.
Types of Member-Based Websites:
Trade association websites, non-profit organization websites, website directories, web forums, all websites that ask for a log in. This includes small business websites that may not receive payments. For instance, if you have a website that sells yarn or fabric and all of your sales go to Paypal you wouldn’t need HTTP right away. That same website can be aa member-based website if it requires a member account for free access to pattern downloads. You will need HTTPS designation for your small business website.
E-Commerce Websites or Web Shops
An e-Commerce website is any website that offers products or services for purchase on the website. Selling products online such as photos, handmade art, hunting supplies, and any product available for purchase online falls under e-Commerce. In addition, services like our individual brand consultation and our monthly website maintenance are also. If a website maintenance customer chose to pay online through our website and not through snail mail or Paypal, our site would need website security.
As you can see, it doesn’t matter what items you offer. Your items for sale can be a products or services, as large as an RV or as small as a brand consultation. If customers log in to your site or if they can send payment through your website you need a secure website. If you do not have website security, call and connect with us today. Don’t wait until your customers get scared away.