We knew we needed an SSL certificate to accept credit card payments and protect personal data. We decided that instead of only encrypting the sites with payment information, as most sites do, we should encrypt our entire website. We have a number of forms on our resources page, so why not protect that information? Sure, company name and email may not be as sensitive as a credit card, but why not keep it private?
What is Encryption (HTTPS)?
Encryption keeps your personal information secure.
On a site without encryption, your information is passed in the “open.” That means that even though your password or credit card number shows up as little dots on your screen, anyone with access to the network can see that password.
As Matthew Vaughan notes, people can hack into a network and watch traffic that flows across the network. If an attacker sees your password as it is passed from one page to another, they could log in as you and send spam, steal information or add spyware or viruses to your machine or network. They might then use that same password to try to log into other sites (which is a good reason to have separate passwords to important websites).
Encryption changes a website from HTTP to HTTPS and ensures that your password is never in the open. Thus, even if someone hacks into your network they do not see your password.
Every major ecommerce site and sites with logins, like Gmail, Dropbox and others, use HTTPS so your credit card information and email passwords are secure even if someone is snooping on your network while you’re visiting their site.
Why Encrypt Your Website?
As Cyrus Shepard noted in his in-depth encryption article, HTTPS can help everyone’s website, even if you’re not taking credit cards. Specifically, HTTPS:
Verifies the website is the one the server is supposed to be talking to
Stops tampering by 3rd parties, stops Man-in-the-middle attacks and makes the site more secure for visitors
Encrypts all communication including URLS, protecting browser history as well as more sensitive information like credit card information
SEO and Marketing Benefits of HTTPS
The security benefits of HTTPS is well-known, but that is often not enough of a reason for a company to make the effort to encrypt their website. Fortunately, there are also SEO and conversion benefits to encrypting your site that can help marketers.
1) HTTPS Sites Rank Better on Google
Rarely does Google tip its hand to what improves a site’s ranking. When it comes to HTTPS (and maybe as a middle finger to the NSA for spying), Google has explicitly stated the encryption improves ranking.
While it is not a top factor influencing search, Google has noted that it could gain more influence as webmaster have time to integrate encryption across their websites. In short, Google loves https and you should too.
2) Correct Referrer Data
When someone visits an encrypted HTTPS site, the referral data is preserved. This is true whether the visitor came from an encrypted or unencrypted site.
However, when someone visits an (unencrypted) website from an encrypted site, the referral data is removed. Those visitors are then incorrectly labeled as “direct visitors.” Those visitors are then incorrectly labeled as “direct visitors.” As an example, if someone clicks a link on the encrypted 9 Clouds website to visit the unencrypted Lemonly infographic design blog, that visit will be labeled as direct.
This screenshot shows an example of referral traffic from 9clouds.com disappearing after we encrypted our website in October:
If, however, Lemonly's blog was encrypted, that traffic would be correctly labeled as referral traffic. Having an accurate number of referrals improves your marketing measurement and helps focus on what works.
3) Customer Trust
An encrypted site has a lock icon on the address bar. This simple icon improves customer trust. Some reports have noted that 61% of customers have not purchased online because the site does not have a trust seal.
The Internet is slowly moving towards an all-encrypted Internet as promoted by large web companies like Google, Dropbox, Yahoo! and others. As more sites have the lock, the sites without the lock will appear old-fashioned and less secure. Web visitors will continue to become more savvy with their privacy, especially as stories of cyber crime fill the news, so simply having HTTPS on your landing pages and forms will ensure visitors are not hesitant to share information with your website.
Is It Time to Encrypt Your Site?
There are costs to encrypting your site. A basic SSL certificate is only about $15, but redirecting old links and making sure everything is set-up correctly does have costs.
Based on our experience, however, I would highly recommend encrypting your site. At the very least you will better protect your customer’s data, at the very best, you will see improved SEO, enhanced marketing insight and increased conversions of form submissions.
Privacy is a growing concern on the Internet. Fortunately, marketers can ensure privacy for their website visitors and be rewarded for the effort. It’s not often that less information means better results for marketers, but when it comes to privacy, that may finally be the case.
Originally published Nov 11, 2014 10:00:00 AM, updated July 13 2020