Pagoda Blog


Should Your Website Use HTTP or HTTPS?

May 2, 2018

It’s no wonder data security is at the forefront of everyone’s mind, whether you’re a high-profile CEO, entry-level employee, or small business owner. From Facebook’s data privacy scandal and 2017’s record-breaking security breaches to the looming threat of a large-scale Russia cyber attack, there are plenty of reasons to feel a bit anxious when it  comes to our online privacy.

 

If you own a business or are responsible for a company website, it’s more important than ever to understand not only how to protect your own personal data online but how to protect the data of your users as well. The first way to do this is by moving your website from HTTP to HTTPS. This is no longer a smart move only for websites that collect highly sensitive information like your credit card number or date of birth, but for all websites, even those that don’t ask users to provide any information.

 

Here are three reasons you should use HTTPS vs HTTP for your entire site:

 

Protect your users (and yourself!)

Even if you’re not collecting sensitive data on your website (sensitive data includes name and email address), your users’ behaviors and activity can be harvested and used for ad targeting and malicious activity like phishing scams. ISPs can track web visits, clicks, searches, app downloads and video streams which can reveal everything from your clothing brand preferences to personal health concerns.

 

This seemingly benign activity can also be used by malicious intruders to reveal the identities of your users. This allows cybercriminals to use social engineering tactics to gain access to usernames, passwords, credit card numbers, and other compromising information. HTTPS encrypts any information sent between a website and browser and makes it nearly impossible for someone to mimic your website and trick users into sharing sensitive information on a fake domain.   

 

If your site is run on HTTP your own information is also at risk. When you login to your site, cybercriminals can easily lift those login credentials. This is because without a secure, HTTPS connection, your username and password is not encrypted. Instead, it’s sent to the server in plain text.

Improve your search rankings

In 2014 Google announced that it would boost search rankings of websites protected with HTTPS. Google’s Chrome browser now also notifies users when they’re visiting a site that doesn’t use HTTPS. A “Not secure” warning appears in the address bar of your site and deters users from exploring beyond your homepage, much less filling out a contact form or signing up for your newsletter. Another great benefit of migrating your site from HTTP to HTTPS is your website will actually load faster. This provides a better user experience which will indirectly improve your SEO.

 

Establish trust & credibility

Users are more likely to trust your website if it’s HTTPS vs HTTP which has its obvious benefits. According to a 2014 survey by SSL and internet company GlobalSign, 9 out of 10 internet users were more likely to share information or make a purchase on a website with a secure connection. Furthermore, 84% of internet users would abandon a purchase if it required sending their data through an insecure connection. If you’re not using HTTPS, your company is shutting the door on the vast majority of your potential customers.

 

SSL vs TLS

Moving your website from HTTP to HTTPS takes several steps, starting with the addition of a security certificate (which ensures your website provides secure communication between web browsers and servers). This is most often referred to as an SSL (Secure Socket Layer) certificate even though it’s now recommended to use Transport Layer Security (TLS) for reliable website security. For detailed instructions for how to install an ‘SSL certificate’ and migrate your WordPress website from HTTP to HTTPS, we recommend this comprehensive how-to post from kinsta.com.

 

Need help making the switch? Get in touch for more information about our IT consulting services, including migrating your website from HTTP to HTTPS.

 

Related reading:

 

Are Macs Really More Secure Than PC’s?

How to Protect (and Grow) Your Online Presence as a Small Business

Your Web Browser and ISP Know Your Better Than You Think

 

Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and learn how to protect and grow your business with monthly IT tips from our experts. Subscribe today.

 

Need ongoing IT support for your business? Contact us for a free consultation. We’d love to work with you!

 

––––––––––––––––––––––––––––––––––––––––––––––––––––––––––

About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.

 




Return to Pagoda Blog Main Page