SSL/TLS Security online

We’ve all seen that little padlock in the top of our browsers, next to where you type in the site address. It’s usually taken for granted that this reassuring little symbol means the site is (hopefully) secure. It’s typically an indication that the site has SSL/TLS certificates installed, which is an encryption technology to ensure communication is secure online. This would cover browsing, emails and instant messaging – typically what most of us use the internet for.

Installation of SSL/TLS has become widespread – it should be regarded as the norm rather than the exception. So instead of highlighting every site that is protected by this with visual “positive security indicators”, Google has opted in their next Chrome update to flag the few remaining sites without SSL/TLS with “negative security indicators”.

Should you consider SSL/TLS upgrade (spoiler: yes)?

The change isn’t instantaneous, but it is still worth thinking about getting your site covered at the least with SSL/TLS security. Even if you feel that it is something only to be considered if you are “selling something” online, having Google flag your site as being a security risk will have an impact on users who might distrust your site as being the non-genuine representation of yourself or your business.

Google is taking the position that SSL/TLS should now be less of an optional extra, and more of something you really need to install. In a few years SSL/TLS will just be a standard inclusion when setting up your website.

Configuring SSL/TLS isn’t a difficult process and can be retrospectively done at any time. The encryption method is also an important search ranking indicator providing websites with greater chances of higher search positions

Source: Negative Security Indicators: Sign(s) of the Things to Come, Jay Thakkar,