Googles makes a lot of companies aware of web security in a snap.
How? By making HTTPS a ranking criterion!
“HTTPS, what is it? How does it work?”
Looking at the reaction to Google’s announcement, we quickly notice a lack of knowledge of web security basics among web professionals and website owners. Pretty scary when you know the threats and sensitivity of information transmitted over the Internet.
Google had the key to bring some aspects of web security to the forefront
The top priorities for webmasters, digital agencies and website owners are always the same: those with which a clear return on investment can be quantified or perceived. Egonomics, design, SEO, ads… investing in security is a bit like buying an insurance policy, you don’t always see the result once the investment done, so you often put it aside.
By including HTTPS in the ranking criteria, web security (or at least HTTPS…) becomes a subject of growing concern for many people.
What is the purpose of HTTPS?
HTTPS answers to three different points:
- Data integrity
- Data encryption
Authentication allows the web browser to ensure that the web server it is talking with is really the one it claims to be, and not a malicious server.
Data integrity means that information exchanged between the browser and the server has not been modified on its way by someone. Without HTTPS, a malicious guy can get the data and modify it before letting it move forward to the server or browser.
Data encryption ensures that data have not been viewed or copied during their transmission. This is particularly useful for sensitive data, such as connection credentials, or sensitive transactions.
As a result of this decision to include HTTPS as an SEO criterion, Google found a way to make the web safer, broadly.
You can have a look at Google’s security blog to read the full announcement (by the way, their blog is not under https yet…):