Secure Search: A Clearer Argument for Migration 

The boost in SEO rankings has proven to be small, as suggested, but there are now more compelling reasons to transition to a secure search. Now is a good time to revisit and reconsider implementing security into your technical improvement plan.

Search and Success: How to Make Your Website, Content and SEO Pay OffIn 2014, when Google announced that its search algorithm would soon give boosted ranks to secure sites, I recommended a cautious approach and suggested that site owners carefully weigh the pros and cons before migrating to a secure site environment.

At that time, corresponding boost sizes were undefined and for many companies, it was unclear whether the potential site disruption would be worth the expense.

The boost in SEO rankings has proven to be small, as then suggested, but there are now more compelling reasons to transition to a secure search. Now is a good time to reconsider implementing security into your technical improvement plan.

That Was Then

In 2014, I recommended the prudent approach of focusing on site speed improvement, with the long-term goal of moving to a secure environment. A small, unquantified boost in rankings was not worth the effort of making the immediate move to a secure environment. Unless site owners sped up their unsecured sites and placed protocols to continuously monitor and test that speed, going secure seemed expensive and ill-advised.

This Is Now

The basis of this recommendation has not changed, but the best time for implementation has. Instead of keeping the transition to a secure environment on the “maybe someday” list, it should be integrated into your 2017 plan.

The Pioneers Have Taken the Arrows

A great advantage of having taken a cautionary approach to secure sites is the ability to learn from the pioneers.

As with product planning, the pioneers take the arrows while settlers follow behind and take the land.

With regards to site migration, there are now enough collective experiences and a well-trodden path to provide guidelines for tech teams to follow. Shifting and redirecting thousands of URLs for a large site is still a significant mapping task, so migration will not occur instantaneously. But an ever-growing number of sites have already successfully made the shift, and you should consider doing the same.

Google Favors HTTPS

Google continues to advocate for a more secure Web.

Data gleaned from Google Chrome users has shown that users spend a greater amount of time on HTTPS pages than on HTTP pages — a rate that is increasing across both mobile and desktop access.

Google notes that more than half of pages loaded and two-thirds of total time spent by Chrome desktop users occur via HTTPS. The longitudinal data shows the prospects of continued growth, as both users and sites are adopting and adapting to a more secure environment.

A further incentive is on the horizon: In 2017, users of Google Chrome can expect to see clear designations on the browser bar whenever they visit insecure pages that accept usernames, passwords or credit card information.

Google intends to further tighten the ratchet by warning users of potentially harmful sites in 2017. This shaming of insecure sites should provide a stark incentive to make the move.

Take Action Now

As I see it, now is the time to complete the plans for your switch to a secure site. Set a specific date and then execute your plan.

But take caution in your move, and keep best practices in mind: Learn from the experiences of the pioneers, ensure proper crawling of your new secure site and protect your valuable search rankings.

Moving to a secure environment is no longer just something that should be done for the tiny boost in rankings — it is now a move to protect the reputation of your business.

Should You Make Your Site Secure for Improved SEO Results?

Just this past month Google confirmed that in the future, its search algorithm would be giving a rankings boost to secure sites. This confirms rumors that have rippled through the search marketing industry for several months. This recent change is part of Google’s continuing efforts toward a more secure Web. Like so many pronouncements from Google, this has forced many site owners to reconsider whether to make their sites secure. Site owners need to carefully evaluate the pros and cons of going secure. It may not be either prudent or cost effective at this time.

Just this past month Google confirmed that in the future, its search algorithm would be giving a rankings boost to secure sites. This confirms rumors that have rippled through the search marketing industry for several months. This recent change is part of Google’s continuing efforts toward a more secure Web. Like so many pronouncements from Google, this has forced many site owners to reconsider whether to make their sites secure. Site owners need to carefully evaluate the pros and cons of going secure. It may not be either prudent or cost effective at this time.

When Google made all searches secure and stopped providing site owners the keywords used by searchers to sites, the search giant gave a clear indication of its path and direction toward a ensuring a more secure, safe, Web environment. Google reasoned that it is protecting the identity of the searcher by not providing the keyword referrer. Some find this claim a bit disingenuous, given that the keyword referrer is still available for users of paid search.

The Pros and Cons—A Short Primer
The single-largest benefit gained by making your site secure is a minor algorithmic boost in Google results. This benefit must be weighed against a number of potential negatives and some steep costs. Secure sites run slower than unsecure sites—all that encryption takes more effort than just delivering an unsecure site. Several years ago, Google announced that site speed was going to figure into the rankings formula. At this time, it is unclear whether the rankings boost from having a secure site will be larger than the penalty for slowness. Google does not reveal the valences of its ranking factors, except for declaring some minor. Unless you have made your unsecure site fast and have in place protocols for continuously monitoring and testing your site’s speed, don’t even consider going secure. It will be like adding another brake to it. Your users and your Google rankings will be negatively impacted. A perceived need to possibly go secure in the future should be the impetus to address existing site speed issues.

Then there is the potential for additional penalties for duplicate content, should redirection and canonicalization schemes prove incomplete. The task of shifting and redirecting a very large site into a secure environment is a large task and may require remapping thousands of URLs. No matter how good your team is, you should expect leaks and misses. It is practically built into such projects. If your site is well-mapped and setting redirections and canonicalization are automated, then you may be ready to go secure. If this is not the case, tap the brakes on going secure. You may be creating huge headaches with just minor payback potential.

Did I mention that there are added costs? SSL certificates must be bought and maintained. How often have you gotten a message that a site’s certificate is out of date? You can be sure that Google will take a dim view of sites with expired certificates. Another unnecessary hit! Then, there are the operating costs. Many small businesses rely on gateways and do not manage a secure environment even though they take payments. If your business already has a secure environment in place and you have fully prepared your entire operation for this change, then and only then should you implement having a completely secure site. If you are not ready, consider what steps you should take to get ready and begin the process, for we can expect others to follow Google’s lead in making the Web safer and more secure.