Your top priority when doing business online is to keep customer data secure. That doesn’t mean only if you’re in eCommerce and accepting payments, that means everybody.
It seems that every few months there’s another large company in the news for having customer data stolen from their computers. While it’s not always known how the intruders got the information, there are some things that even small companies can do to help make sure it doesn’t happen to them.
Every website online deals with customer data in some way, and each piece of customer data is important. Each piece of the customer’s data is part of the story of who they are, so a hacker could take advantage of that.
I approach this post from the point of view of securing your website through HTTPS, or HTTP over TLS. There are other ways to secure your customer’s data, but that is beyond the scope of this post.
What We Used To Do
It used to be that websites weren’t worried about using HTTPS at all unless there was a payment involved. Web sites were unsecured while adding items to the shopping cart and entering personal information. The site only switched to HTTPS when payment data was exchanged, often on a site such as PayPal.
This was enough in a time when we didn’t know any better, or HTTPS created a larger burden on our website. None of the old excuses exist anymore and it’s time to get rid of that older way of thinking. Security is now a top priority for everyone, and websites whether they accept credit cards or not should also prioritize it high.
Why Security Is A Priority Now
It wasn’t always important to secure your website through HTTPS, but it is known to be important now. Here are the two major reasons why it’s now more important than ever to keep customer data secure.
Google Likes (Loves) It
Google didn’t use to care about HTTPS, but with recent wake-up calls about customer data security, that’s changed. Google started caring about HTTPS on August 6, 2014, when it wrote about a test it was doing around HTTPS as a ranking signal.
Directly from the source, “we’re starting to use HTTPS as a ranking signal.”
We’re starting to use HTTPS as a ranking signal.
That’s not the only important part though because at that time it was a minimal factor in ranking websites. It’s still a small factor in the ranking! But, with each tweak of Google’s ranking factors, HTTPS becomes more important.
Google themselves state that “for now it’s only a very lightweight signal—affecting fewer than 1% of global queries” but they go on to say that it’s a lightweight signal only “while we give webmasters time to switch to HTTPS”
Over time, we may decide to strengthen it, because we’d like to urge all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
While it’s still not the strongest ranking signal, it has been increasingly more important.
Wouldn’t you rather be ahead of the game than behind it?
You don’t want to lose your number one spot on Google because you didn’t have HTTPS, something so simple to add.
Customer’s Appreciate It
Visitors to your website are becoming more web savvy ever day. Some may not notice they are on a secure connection to your website, but many do.You know a company values their visitors and customers if they care enough to protect even the simplest of the personal data.
You know a company values their visitors and customers if they care enough to protect even the simplest of the personal data.
Keep Customer Data Secure On Your Entire Website
Yes, your entire website should use HTTPS, not just switching over when personal data is transferred or your back-end. With the amount of data moving back and forth, it’s impossible to separate personal information from not.
Everything should be secure. A visitor shouldn’t even have to worry about their email address being exposed by not being transferred over HTTPS.
If you’re still not sure you need to keep customer data secure by securing your entire website, here are a few why’s and why not’s, you’ll see the why’s far outweigh the why not’s.
- Google ranks your site higher.
- Customer data is transferred securely.
- Your brand is easier to trust.
- You’re ahead of the curve.
- Many hosts include one SSL certificate now.
- Costs more money.
- Slows down your website.
- It’s complex to switch.
Neither list is comprehensive, but it gives you an idea of pros and cons. Why you should secure your entire website outweighs why you shouldn’t. Even some of the reasons not to are not really valid anymore with advances in technology and lowering of costs.
Cost isn’t even an issues today. If you can afford $9 a year then you can afford a highly trusted COMODO SSL certificate. I found out that NameCheap resells these certificates and only charge $9 a year for them which is an amazing deal.
That’s a good option if your website is already establish on a host you’re not willing to change. If you’re in the market for a new host or want to switch, though, SiteGround is a great option because they give you a free SSL Certificate through Let’s Encrypt for as many domains as you can put on your account. SiteGround makes using Let’s Encrypt easy though because they offer a one click installation of the certificate and it auto-renews every 90 days.
Once you get all set up on HTTPS, there’s a handy site you can run a test to make sure it’s all working great, aim for that A.
Your first priority should be to keep customer data secure. Everything from an email address to a name, if it travels over the Internet, it should be secure. If your visitors can sign up for an account and use a username or password, this is, even more, a reason to make it secure. Your login credentials are also at risk if not secure.
Comment form? Secure it.
Go out there and get a certificate, or get someone to help you set up HTTPS on your website (let me know if I can help!). Your visitors and Google will thank you for it.