Google have indicated a real interest in rewarding website designs that work over a secure connection. For those of you considering, or in the process of, a new web development, this is worth bearing in mind.
Websites working over a secure connection have several benefits. The first, and most obvious one, is that traffic is encrypted between a visitors machine and the web host. That means it’s almost impossible for anybody to listen in to that traffic. That’s why all banking websites use a secure connection!
But why would your small business website benefit from using the same technology? And why would Google be so interested in it that they may, at some point in time, reward your website with better ranking if it is ‘secure’? Well, the secure certificates that are issued to provide that functionality aren’t just handed out by any old person. They are issued by a limited number of certificate issuing authorities who validate that businesses are who they say they are before granting a certificate. A certificate therefore also provide trust that your website is who your website says it is (ie. Not some dodgy spam look-a-like website) – this is why Google are so interested in them.
Making a website secure isn’t quite as simple as just buying a secure certificate (something your web host arranges for you). The web design has to ensure that all files it references are also secure (you would be surprised just how many separate files are pulled in to make up even a simple web page). Hence why if you’re having a new website development, now is the time to consider asking the web developer to make it secure from the outset. Personally I’m seeing more and more websites showing the padlock icon, in a couple of years time I could well see it being the norm, not the exception.
Aside: ever visited a website and seen the message “this connection isn’t trusted”? That often scares people, but usually it’s just a case of a web page being served using a secure certificate that has expired or which was put in place as a test by a developer and which therefore lacks the ‘trust’ element that an independent certificate using authority provides (the bit that Google will be so interested in)