Google has confirmed plans to give higher search rankings to sites that are deemed more secure. In a blog post on Google’s Online Security blog, it announced it will favor websites thatare using HTTPS encryption by default and that it will be rolling this out across all its algorithms.
Search Ranking Positives
The blog postby Zineb Ait Bahajji and Gary Illyes,Google webmaster trends analysts, said that initial tests where HTTPS pages were highlight had give positive results so they will gradually increase its importance as a ranking signal in the coming months. The blog reads:
We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal. For now it's only a very lightweight signal—affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content—while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web."
Google is also publishing a list of best practices in the coming weeks to make Transport Layer Security(TLS) adoption easier and to avoid common mistakes. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communication security over the Internet.
This enables data/message confidentiality, and enhances message integrity and message authentication.
Security Tips
To get started Google is offering seven tips to make websites more secure:
- Decide on whether you want a single domain, multi-domain or wildcard certificate
- Use 2048-bit key certificates
- Use relative URLs for resources on the same secure domain
- Use protocol relative URLs for all others
- Change your website’s address to reflect the new security certificate
- Don’t block your HTTPS site from crawling using robots.txt
- Allow indexing of your pages by search engines where possible
Google has been pushing this agenda for some years now. As early as January 2010 it announced default HTTPS access for Gmail. And in 2011, it enabled forward secrecy by default.
Learning Opportunities
Webinar
Mar
29
The CX Commute vs. the CX Joy Ride
Is your CX traffic holding up your customer's journey?
Webinar
Mar
29
Is Your Microsoft 365 Data Recoverable? How to Survive the IT Hotseat When Data is Lost
See why MIcrosoft recommends third party backup
Webinar
Mar
30
An Optimized Customer Contact Strategy Combines Transparency and Intelligence: The State of Outbound Communications
Learn from the Neustar-commissioned Forrester Consulting study on challenges and solutions for contact centers
Webinar
Apr
13
Accelerating Content Velocity Across the Digital Supply Chain
Learn to integrate DAM with upstream tools to improve workflow efficiency.
Conference
May
10
CMSWire CONNECT Customer Experience Conference - Austin 2023
Don't miss the top customer experience and digital experience conference of the year — live in Austin, Texas May 10-12.
Conference
May
10
Reworked CONNECT Employee Experience & Digital Workplace Conference Austin 2023
North America's best employee experience and digital workplace conference of the year — live in Austin May 10-12, 2023.
In June, the companycalled for “HTTPS everywhere” on the web and also announced that itisclose to releasing new end-to-end encryption standards on Gmail that will effectively stop unwanted and unauthorized access to users’ email.
Encryption is used to digitally scramble data as it passes between a user's device and an online service to prevent others eavesdropping on the information.
It is used by many, but not all, sites that show a little padlock and use a web address beginning HTTPS. The "S" stands for secure. Until now, adoption has been hindered by costs and time to implement.
However, if Google is going to start rewarding companies with better search rankings, its likely a lot more companies are going to come on board.