As with everything “internet”, there are constant changes, updates, and better ways to do whatever you want to do online. It’s a never-ending sea of change.
In my recent research to bring you into compliance or least increase your understanding of what compliance means when the GDPR takes effect next week, I opened several cans containing more than just worms.
One thing for sure, the world is more and more concerned with how their data is being used! Privacy is the “issue of the day” for everything from signing up for an email list to posting on Facebook. Now, with the new regulations from the GDPR, the public demand for a secure online experience is growing.
With this intensifying emphasis on privacy, I want to re-visit the idea of HTTPS. As Google states, “HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site.”
Get on this bandwagon asap
It is quickly becoming the “standard operating procedure” for proof that your site is safe. Look in the footer I have on this page and you will see my security certificate from GoDaddy.
If you are using Wix – my recommended website builder – you have the SSL certificate built in and your URL will have the HTTPS protocols. You can skip the rest of this post today! (However, I can’t vouch for any other site builders, so go check your URL while I wait.)
So what’s your situation? If your URL is the plain wrapper, HTTP (no S at the end) then you saw one of the two pics below. KEEP READING!
Why you need to take the extra step
This is my jewelry website:
You probably have the above warning if you don’t have the certificate.
However, Google and other browsers are going to label you as “Not Secure” eventually. You don’t want this:
Essentially, you are on borrowed time. Eventually, all sites will have a more aggressive red warning!
In both cases, the visitor to the site needs to click on the icon/flag to see the information in the drop down, but example #2 is pretty RED, yes? Do you want a big red flag and the words “Not Secure” to be associated with your site?
Who really needs it?
For the sake of appearance, everyone needs this. Some of you might have a shopping cart that (eventually) shows the secure URL, but only at the page when someone is starting to give their personal data to you. That is not enough nowadays. Every page should be under the auspices of the added security features found in the HTTPS.
For many reading this, the first thing that shows up when someone lands on your site might send them clicking away instantly! Click To Tweet
I know some of you are thinking that because you don’t have a shopping cart (and why is that, exactly?) or you don’t take any information from anyone who visits your site (again…why would that be true if you are trying to be a “business”?) that you shouldn’t be “forced” to get this upgrade. Well, no one is forcing you. There are no fines if you don’t do this. But surely you want to look (and appear as) safe to your visitors, right?
We are forced into all kinds of situations as businesses. So go ahead and roll your eyes. Then go fix your site.
Free or cheap is available
If you are truly using your site only to blog or as a portfolio only, then find a free certificate. Google it. But be careful. And if you aren’t very savvy about coding and other “stuff” then consider contacting whoever hosts your site and getting them to help you.
My jewelry website is strictly a portfolio. I have never sold online and I take NO data (beyond some cookies). The thought of any extra costs is just out of the question. Eventually, I will “fix” the issue and maybe I will get a “free” certificate. If I do and if I have the time, I will try to share the process.
But for this site, where I have people leaving personal data like joining my list, using the search engine or adding comments (thanks for that!), I needed to be on top of this security certificate because I trade in trust as much as anything else. I got it up and running some time back. It’s easy. I promise.
In my case, I went to my host, GoDaddy. I chose to keep it simple – plus they are there to call 24/7 if I got confused or broke something. It’s sixteen cents-a-day – around $60 a year. I sleep well knowing I have an officially accepted SSL and a badge to prove it.
For anyone who wants something cheaper, I saw cheaper examples. Google it…but be careful. I can’t give recommendations since I have not used any other products. Do your due diligence.
One noteworthy issue to understand: You are essentially moving (migrating) your website to a new server. Your site will need to be “found” on the internet again. As another benefit, after the dust settles, it nice to know that Google will rate a secure site higher in searches than a non-secure site.
If all of this has you throwing your hands into the air and cursing the “internets”, and you just want a hand to hold, connect with me anytime for a quick chat about your website and let’s brainstorm your issues. Include your website address in your email to me.
Overall, this article is scraping the very tip of a big iceberg, but HTTPS upgrading has been on my mind for quite some time. The GDPR just put it front and center. You need to put it front and center.
Meanwhile, put any questions you have in the comments. Or take a moment to let me know you read this rather important article. I love knowing that I am helping. Your comments are my only support.