Why every website on the internet needs to start thinking about encryption. - S K U A - Serving Glasgow, the Highlands and the Islands

Why every website should swap to encryption.

The world is now at ease with using the internet, to buy things, sharing our lives, or just browsing.  It now falls to every website owner to provide protection to those who use websites. With more people now focused on their security when using websites, not just for making a purchase but for general browsing as well, the call for encryption as standard is increasing.

Why do you need encryption?

When someone loads up your website, there is data sent to and from their computer to the server your website is hosted on and without encryption that data can be seen, used and compromised – not just payment methods but  contact form details and more. There is also the new fear that your website could be faked. Meaning that your visitors might think they are going to your website, but actually, they have been led to a hackers website.

But it also helps your website ranking in search engines, Google said 4 years ago that search rankings would take into account the use of https:// over http:// so if your website isn’t on a secure connection but your competitors are then you will be dropped down. Add to this that more and more browsers will also be dropping the importance of http:// websites in favour of encrypted versions completely with any that have elements that submit details being marked as dangerous to any users.

Switching isn’t all that hard

Mostly it costs a lot per-annum to swap over to https:// due to the certifications, especially if you are a small business. But the technical aspects of it are mostly covered by the company you pay to provide you with the certificate. You just need to sit back and relax. Usually, it’s a server-side switch so as someone who only pays for space on the server then you don’t have access to sort out the certification.

It doesn’t have to be expensive either

A lot of the cost comes from getting the expertise to switch your website over to an encrypted version, as previously mentioned, this is something out of your control.  However there is a free version of encryption you can use for basic websites and it’s something we use as an example on this very website.

It’s called LetsEncrypt and although it doesn’t last as long as paid for encryption (3 months instead of 1 year), it’s still a good stop-gap to make sure your website is secure while you work out your next steps.

I have switched but it still comes up as insecure.

This can happen sometimes, but don’t panic. It doesn’t mean you’ve purchased a certificate that isn’t legitimate. But for this next part you will either need a basic understanding of HTML or a web developer that is willing to make small changes to your website for you.

A website may still appear insecure even on a certificate, if there are any external scripts, fonts, or images that come from a non-encrypted website that will then have an effect on your websites encryption. The easiest solution to this is to check what external websites you are using.