Is your site secure? Like, really secure? I mean, with HTTPS and everything?! Well, if you’re one of those la-ti-dah folk that values privacy and security and wants to keep your visitors safe (though, after all we’ve learned lately, is anyone really safe??), Google is ready to give you an ever-so-slight boost in organic rankings.
Search Engine Land confirmed yesterday that the search giant has begun granting websites with SSL certificates “a very lightweight” ranking benefit over their non-secure counterparts. Of course, content is still king, and Google has no plans to discount content-rich sites with no SSL certificates at this time. In fact, the company told SEL that the change will impact “less than 1%” of global queries, based on earlier tests.
Here, again, is where Google and I disagree.
For sites where financial or sensitive personal information is transferred between user and host, I fully support SSL. I’d even support Google using this as a factor for determining the ranking of competitive websites in a query. There’s certainly no reason, even if SSL won’t totally protect anyone these days, for not implementing the security protocol on eCommerce and health-tracking and a host of other verticals of websites.
But, for blogs? Nope. No reason to get SSL. And no reason for Google to decide to rank us differently based on that fact.
On sites such as this one, there is only one instance where personal information is collected: if you fill out a contact form. The contact form setup contains no password data, no social security numbers, no first pet’s name…none of that. Therefore, there’s very little risk to visitors. The only other function of this site that asks for a log-in is managed by Discus; which, happily, does not store any data on my servers.
Without conducting a formalized poll, I’m guessing many of you in the blogging/small business community are in a similar boat, when it comes to what your site is collecting and storing from users.
It’s not that purchasing an SSL certificate is all that expensive, mind you. Go Daddy, where this site is currently hosted, provides them for about $70/year, which isn’t unreasonable. There would be, however, some significant SEO work involved, however, to ensure that redirects were put in place to direct visitors to the new HTTPS links, and to be certain your HTTPS is able to be crawled by Google.
That, unfortunately (or not?), isn’t something I have time for in the near future. Between working on a redesign and branding effort, I don’t have the resources for a full-on SEO project right now. For you SEOs out there, though, now would be a great time to start hitting up dormant clients to get them to switch over to HTTPS. Every cloud has its silver lining, I suppose…