When submitting sensitive information — such as credit card or Social Security numbers — into a website form, most everyone knows to look for the signs of a secured connection before proceeding. You can tell by looking for the little padlock icon or the letters “https” before the website form’s URL. If you see that, what you type into the form will travel securely from your device to the web server and cannot be (easily) intercepted and exploited along the way.
What you may not know is that Google and other online services are now close to requiring a secured connection — also known as encryption or secure sockets layer (SSL) — for all websites, even those that don’t collect personal information. This creates an important to-do item for anyone with a website that wants greater consumer trust, high search engine rankings, and to keep pace with technology.
According to the U.S. Chief Information Officer’s website (which has a section entitled “The HTTPS-only Standard“), every time a user accesses a non-encrypted website, it “reveals information about a user’s behavior, and the interception and tracking of unencrypted browsing has become commonplace.”
“Today, there is no such thing as non-sensitive web traffic, and public services should not depend on the benevolence of network operators,” the site says.
The federal government is actively converting all its websites to the HTTPS standard. As of today, the project is more than three-quarters done.
Law firm websites collect user information through both server-tracked traffic analytics and all contact forms on the site. As the notion that web users’ behavior can be tracked on non-secure websites becomes more widely known, consumers are going to expect a secure site — especially one for legal services — before interacting with it. Without it, therefore, a website visitor may leave the site.
But consumer trust isn’t the only current benefit of switching your website to HTTPS. Google has, for several years, strongly favored encrypted sites and has changed its ranking algorithm to favor them.
While the boost is currently slight, the Google preference is toward encouraging all sites to become encrypted, it is likely that Google will eventually give encrypted websites an even greater boost. So, to make your website rank well, it would make sense to switch to HTTPS.
With consumer trust and search-engine rankings tending toward encrypted sites, you may be wondering if your site is encrypted, and if not, how to make it encrypted.
To see if your site is secure, simply go to your website and look at the address. If you see “https://” before the website address, you have a secure site. Other indications are based on what web browser you’re using — Chrome, Firefox, Mozilla, Safari, and Internet Explorer have green or gray padlocks before the web address.
If on the other hand, you only see “http://” or your browser shows a red padlock, a padlock that is not closed, a line going through the website’s address, or a triangle on top of the padlock emblem, the website is not secure and you should proceed with caution.
To turn your site from non-encrypted to encrypted (without going into the technical details), it’s best to ask your webmaster to acquire an SSL digital certificate for your domain, one that uses a 2048-bit key. For the technical details, direct your webmaster here.
Or, we can do it for you. LISI hosts nearly every one of its clients’ websites and can, in most cases, migrate yours to a secure and stable web server.