At its 2014 I/O Conference, Google signaled its preference for HTTPS websites when it called for HTTPS to be “everywhere” on the web. Later that year, they announced that HTTPS would be used as a search engine ranking signal. This means that HTTPS enabled sites would be given preference over HTTP sites.

In a post on the Google Security blog, Emily Schechter of the Chrome Security Team announced that with the release of Chrome 56 scheduled for the end of January, the browser will mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure. Eventually, if your website remains on the plain old HTTP protocol, it will be flagged as non-secure no matter whether you collect credit cards or personal information or not. And since HTTPS is already used as a ranking signal, you can expect an increased bounce rate and a loss of any competitive edge you may have over rival websites that have converted to HTTPS. Is your site ready for this change?

If your website is already serving HTTPS, you can test its security level and configuration with the Qualys Lab tool. The image at the top of the page is from the test performed on this site, https://victorfont.com. If you're not on HTTPS yet, it's a good idea to plan for the migration. Converting your site to HTTPS may not be as difficult or costly as you may imagine. For help, please feel free to send us an email or give us a call to discuss your need.