By Joe Brodar
Secure Socket Layer (SSL) certificates are used to protect the visitors that land on your website, as well as any information that they transmit or receive from your website. This means that passwords, credit card information, and user information such as their name, email address, and personal details are encrypted, or locked with a key that is known by your website’s server, making it impossible to be read by anyone but the intended recipient. This is why any online checkout pages and login pages should always be secured and accessed using HTTPS and not plain HTTP.
A few months ago, we predicted that the major search engines would begin to devalue websites that are not using an SSL certificate. So where are we now?
Search Engine Signals
In August of 2014, Google announced that they were introducing the use of SSL as a lightweight ranking signal, and several research projects by SEO industry experts, such as Neil Patel, showed a marginal correlation between websites using the HTTPS protocol, and higher rankings in the Search Engine Result Pages (SERPs). In December of 2015, Google announced that they would begin crawling HTTPS version of pages on their own, even without links that lead there from an HTTP version, which means that they began to prioritize secure pages over insecure pages as early as a year and a half ago.
So far, analytics have not shown an increase in the signal strength for SSL, and it remains a relatively minor factor when determining where a website will rank in the SERPs.
However, this does not mean that you should disregard the importance of using SSL on your website. Data has already shown that more than half of the top-ranking websites on Google are SSL secured, and that percentage will only continue to grow. It is not going to guarantee that your website will be in the top spot, or even that it will be on page one, but it does influence your website’s rankings in a positive way. Within the next couple years, it will most likely become a more influential signal to search engines.
This prediction is based on indications made by Google surrounding the importance of encryption, and how it has begun to affect the user experience on the Web. Officials from Google have stressed on their security blog the value of using secure transmission protocols, urging webmasters to implement SSL certificates: “Browsing the web should be a private experience between the user and the website, and must not be subject to eavesdropping, man-in-the-middle attacks, or data modification.”
If you use the Google Chrome browser or a comparable modern web browser, you may have noticed a subtle change that has been rolled out over the last six months: to the left of the page address is an icon and some text. This section is used to tell you whether or not the website you are interacting with is using a secure connection and encrypting your traffic. There has always been an icon here to indicate the security level of the website, but now it has gone a step further by displaying “Not Secure” when a site does not use SSL, instead of simply not showing the green lock icon.
Not only is the security status of the website shown in your browser when you visit a site, search engines are beginning to display this information next to results on the SERPs, allowing a searcher to quickly determine if a website uses an encrypted connection before ever visiting the site.
With all of the cyber security breaches, attacks, and FCC decisions that have occurred recently, Internet users are more intent than ever to protect themselves online, and when presented with two options that can get them to the same end goal, they will likely choose the option that is encrypted and protects any information they enter. This is especially important in the legal field, as a potential client may be entering case details that include sensitive information into a form on your website. A potential client that is worried about their personal information being shared or stolen is likely to share less with you, or they may not share anything with you at all, and move on to the next attorney in the list.
What does this mean for my law practice?
First and foremost, Google is the de facto controller of web traffic, capturing more than 85% of search engine referral traffic to our sites, so they have extraordinary control over the “rules” that webmasters and SEO experts must abide by. Because they have a track record of outspoken support and pushing for encryption across the Web, it is best to get on board with what they are asking before they begin penalizing people who leave their visitors unprotected.
Not only will you be getting ahead of the curve with search engines, you will be sending a strong signal to any potential clients that visit your site. By securing your website with SSL, you are saying to that potential client, “I care about your privacy and security, and I want to protect you.”