Great news from Google this week for SSL users! The leading search engine is adjusting its famous and mysterious ranking algorithm to reward sites that use SSL. This means that users of SSL will not only get a secured connection to protect their communications with customers, they will get higher visibility when potential customers are searching with Google.
It also means that site operators have an even greater incentive to use and expand the use of SSL, even where they previously thought it was not worth the expense. The cost-benefit calculation has just leaned more towards benefit! In fact, Google is indicating that they will not actually be favoring SSL users but punishing sites that don’t use SSL! Another way to look at is that if you do not use SSL and want keep your current rankings you have to act now.
We see plenty of sites that need to expand their use of SSL. A common example is where a page that receives posted data is secured, but not the submission page itself. This leaves the site, and their customers, vulnerable to “man-in-the-middle attacks” that hackers use to intercept data and commit financial fraud.
The impact on rankings will be modest initially, to give web operators time to react, but Google says that they will increase the weighting of the factor over time.
The Google announcement has been rumored for some time. For the past year, the Google head of SEO Matt Cutts has been waging a very public campaign supporting the idea of favoring SSL sites in rankings and advocating the expanded use of SSL. Although he is one of the most well-known members of the Google senior staff, at least within the tech community, he has always asserted that he was speaking for himself and not Google. If there was an internal debate about this within Google, Mr. Cutts has won the day.
Google itself is expanding its use of encryption, including for Gmail and Google search. In March, Google announced that Gmail will now always use an HTTPS connection and encrypt all messages moving internally on Google’s servers. Gmail has always offered HTTPS as an option, but users no longer have the ability to disable it.
Importantly, Google also announce that in addition to your emails be protected moving between your computer and Google, every email will be encrypted while moving between its own server in its data centers.
What Should You Do?
Google clearly takes securing its customer’s communications very seriously. Shouldn’t you?
You can get started quickly at http://www.instantssl.com/