Choosing to encrypt a website is becoming less and less of a choice for site owners. The switch to HTTPS is quickly becoming non-negotiable.
Thank the big players out there for making it highly desirable—if not mandatory—for HTTP sites to go HTTPS.
- Google has clearly stated that HTTPS is an important ranking factor. No one wants to get lost in the search shuffle.
- In 2017, WordPress—the open-source website-creation tool used by millions—will require hosts to make HTTPS available to their customers.
- Starting in January, Chrome 56 will alert users when HTTP sites that transmit passwords or credit cards are insecure.
Eventually Chrome will flag all HTTP pages as “Not secure.” HTTPS is considered the new standard—the bare-minimum security we come to expect when visiting websites.
Without SSL (secure socket layer), cybercriminals can eavesdrop on data passing back and forth on the network. They can view credit-card purchases, read private messages you send to a friend, see sensitive medical research you’ve done, and much more.
All this information can be used against you in the form of a phishing, malware, and other schemes.
Individuals, small businesses, and K–12 schools shy away from making the switch to HTTPS for several reasons including:
1. My site isn’t important or sensitive enough for HTTPS.
Moving forward, encrypted websites will be the norm, and HTTPS the new standard for everyone. Whether or not privacy/security issues pertain to you, it’s important to get the HTTPS ball rolling in your school.
Plus, with Google Chrome’s new labeling policies, users may be alarmed to see your site designated “Not secure” and choose not to proceed. Give parents and community members peace of mind with an encrypted website.
2. HTTPS costs too much.
Website owners traditionally buy SSL certificates from a certificate authority. You need a separate IP address for each certificate you want to use. SSLMate offers certificates for as little as $15.99/year. The automated open certificate authority Let’s Encrypt is free.
3. I’ll lose search search-engine ranking.
There may be a temporary fluctuation, but the impact should be minimal and short lived. Google even has a search-ranking boost for HTTPS sites, giving them a positive ranking symbol.
For more information on the myths and realities of HTTPS, watch this terrific Google Chrome video: Mythbusting HTTPS. “In this talk, we debunk some common myths and fears about HTTPS, show you why it’s an essential feature for progressive web apps, and dispense some tips and tricks for getting a shiny green lock on your site.”
Of course, with the mad dash to switch to HTTPS, school Internet filters need to be able to content-filter encrypted traffic. Learn how SecureSchool with SSL Intercept can help in our blog post, Why You Need SSL Interception
About the Author:Lisa McComsey is a freelance writer, marketing consultant, and contributor to K12USA’s website and blog. In addition to her passion for technology, Lisa is a running and bicycling enthusiast, author of two books ("The Vegan Cheat Sheet" and "Seagan Eating"), and a hopeless chocolate addict.