July 2018 change in Google Chrome SSL labeling. Should you have SSL for your site? A Digital Marketing perspective.

• Team Outreach @ KDROM
• Digital Marketing Strategies, Security, SSL, Technology

Should you have SSL on your website?  Well, there are technical reasons why; but, we would highly recommend for Digital Marketing reasons that yes, you should have SSL.  It helps present another reason to be chosen.

But first, what Google did and is doing.  On July 1, 2018, Google announced they would be adding a new security labeling to web sites if viewed in their browser, Google Chrome.  They had started this program long before, showing warnings in Chrome and even on their Search Engine.  On July 1^st, with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

Read Google’s full announcement here:

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

Google Chrome holds about a 60% market share for browsers, give or take a few points depending on the survey.  Your site will likely be viewed on a Chrome browser by many of your customers.  So, it is important to understand if this will affect you.

In addition, other browsers to varying degrees label non-SSL sites with warnings, search engines in some shape or form also do it (see Google above).  Finally, another not much thought of item is that Antivirus software, such as Norton, McAfee, or others, have a browser plug-in that ‘helps’ users decide if sites are safe or not, almost all use SSL as the primary measure of safe or not.

Simple SSL explanation

SSL encrypts data In Transit from the user’s device to your server, and the response as well.  It does not protect data at rest while on your server.  It provides some protection, but not everything to protect the server from attack (such as protecting from a Man in the Middle attack).  If you would like to read more technical information about how this works, there are loads of information available on the web such as the link below.

https://perezbox.com/2015/07/https-does-not-secure-your-website/

Digital Marketing Perspective – Should you have SSL?

For sure if:

1. You have a login capability for your site. This could be simply so that you can present them with data customized to their needs, or they can reply to information, or have their profile remembered.
2. Your users send any data, in any way deemed personal (like their name, address, credit card info, etc.). This could be an eCommerce site, a SaaS application or anything where the user is sending data.
3. You have any forms on your site for people to fill out. Even as simple as collecting their email address for more information.
4. Have a mobile APP (iOS or Android), that will ‘call’ on your web site to get information. The mobile app development approval process now requires that to be transmitted in SSL (even if it’s only one-way outbound communication, they still require SSL).

These all seem obvious, yet many companies still don’t have SSL Certificates for their sites for the above information.

Here is the harder question:

What if my site only provides data to the end user, in a one-way outward-bound information flow?  Do you need SSL for that?

Technically, you do not, there are some very good Digital Marketing and reputation reasons why you should.

Why do you have an outward-bound only site?  If you are a business or an organization trying to gain customers or interest, you should be using all your efforts to get that connection from them.  You need a contact me form, a follow me via email form, get more information, or Inbound Marketing campaigns to get a customer’s name, telephone or email so that you can create a warm lead for your sales team.

Why have SSL for outbound-only sites – A Digital Marketing Perspective.

1. The perception of your information as it shows up in browsers should be the best presentation possible from a security perspective. You have invested so much in your business or organization.  Why would you want to get shutout by this labeling that makes you look not secure?
2. It doesn’t cost much – ask your hosting provider. There are many levels of SSL, shared or dedicated, and simple or complex.  If it doesn’t cost that much, see #1 above, then why not look better and not be ruled out?  It may even be included in your current hosting plan, but you haven’t ‘turned it on’ yet.
3. While it may affect the performance of your site ever so slightly, the impact is negligible. With fast computing technology these days, it shouldn’t have any major impact on the page. Other factors such as image and script optimization and usability (how much information is on each page) will have a much greater impact.
4. It’s not just the browser that labels your site – it’s also search engines and Antivirus software. So, you can get dinged in many ways.

Why wouldn’t you want to give users more reasons to select your site (not eliminate you).  If you need any advice or assistance implementing SSL on your site, KDROM is here to help.