Have you noticed how quickly things change in tech?
Seemingly from one day to the next, there is something new. New developments, new possibilities, and new opportunities.
But along with the innovation, there must also be security.
With the number of people using the internet well above 3 billion and growing, the security of the growing quantities of information whipping from one computer to another needs to be secure.
There’s A New Protocol In Town
You know that funny “http” thing before your website address? That’s actually telling you what the protocol is for the communication of information between your website host and the computer that you are viewing the site from. Cool huh?
And there’s a new, secure protocol that you need to know about, it’s called https.
Historically, we’ve seen https connections being used for sensitive transactions within corporations or, starting in the 2000s, being used for websites to secure user communication, identity, and browsing.
Today, this secure protocol is starting to be recommended for all websites.
Benefits of Https
- Good for SEO – search engines like Google announced they would be using https as a ranking signal even as far back as 2014
- A bit more secure from hacking via password – https means your password is a bit harder to steal and therefore your website harder to hack
- You’ll look more credible – visitors will feel safe on your site, knowing you are who you say you are and also that their information is secure
Everything You Didn’t Want To Know About HTTPS But Now You Have To
What Is Https?
Https is a secure way to send information between the server that hosts your website and the computer that your website visitor uses. The information is encrypted and only the server and the recipient can read the information.
Why Is This Necessary?
On http, your information is being sent back and forth unencrypted meaning that it can be intercepted by ill intentioned or malicious parties (called man-in-the-middle attacks).
Importantly too, https provides assurance that you are who you say you are. A website visitor, when visiting an https secured website, can be reasonably sure that they are communicating with the website they are intending to communicate with and that has not been forged by a third party.
What Information Needs To Be Kept Safe?
So maybe we don’t care as much if someone in the middle sees that we’ll be holding an event to help sexual abuse survivors next Tuesday. But information that certainly needs to be kept safe include credit card information, identity information, and passwords.
There’s also a need to protect your personal information and that of your website visitors like addresses and emails.
- If you have an online form on your website, you will want to have https so that you can transmit that information encrypted.
- If you collect emails for email marketing or blog subscriptions, you will want to have https too.
But really, the movement towards https includes everyone. If you have forms, collect emails, or neither you’ll want to move towards this secure protocol.
More On How Https Will Be A Website Credibility Issue
Chrome recently announced a new warning scheme that includes an update to their UI that will more prominently feature indications of if a website is secure or not. That means that If you don’t have a green lock that says secure next to it, it may significantly reduce the credibility of your site.
It’s of utmost importance that website visitors feel that you are professional and are looking out for the safety of their data. If they visit your website and they see that the connection is insecure they could be scared off or think you are less professional then you claim to be.
How To Get Https For Your Website
Luckily, there’s a great, free TLS certificate that can make https possible on your website hosting.
The free TLS certificate is called Let’s Encrypt and is supported by a lot of good website hosting companies. Https is something that needs to be set up on your server (your website hosting)
In some cases, switching over to Https will be covered by the support services at your host, so the first inquiry is to reach out to them.
The second, if they don’t support it or don’t cover it’s installation, is to find a systems administrator or website developer who can install it for you.
Once it’s installed, if you are using something like Let’s Encrypt, you don’t have to do anything to maintain it. However, you will want to be sure you don’t start hotlinking content from insecure outside sources otherwise you’ll trigger a warning that may look worse than not having it at all.
The Effort Is Worth It
Even though it might take some effort to understand what Https is, why you need it, and put Https in place on your therapy website, it’s for the better.
Better security for you and your visitors, better SEO. A further benefit too is that you’ll have a better ability to scale in the future too if you decide to move into having an online shop. Https is just better.