When you visit a web page, you naturally focus on what’s inside the browser window — the words, images, products and other elements on the page itself. However, when it comes to optimizing your own industrial website, you also need to pay attention to what’s happening up above in the address bar. That’s because the difference between having HTTP and HTTPS in your address can have big implications for your business.
So what is HTTPS, and why do you need to make sure you have it on your site, like, yesterday? Here’s what you need to know:
What Is HTTPS And How Does It Work?
Without getting overly and unnecessarily technical, HTTPS is a way to encrypt data that is sent between a browser and a web server, preventing unauthorized third parties from accessing that data while it’s in transit. This curbs the risk your users face of falling prey to a number of cyberattacks and scams, including “man-in-the-middle” attacks — where scammers siphon information that users have entered on your site, such as credit card numbers, usernames, passwords, etc. — as that information is sent to your web server.
>Think of sending sensitive data over just HTTP as sending a postcard with your passwords on it — anyone handling it between you and the recipient can read it. Sending sensitive data over HTTPS is more secure, like sending your passwords in a security envelope inside of a box inside of a safe.
HTTP And HTTPS Common Misconceptions
Encryption technology has been around for more than two decades, and the push toward SSL has only ramped up in the last few years. While many of the reasons that deterred companies from switching to HTTPS are no longer applicable, some common misconceptions do still exist, including these:
Switching To HTTPS Costs Too Much
An encryption certificate used to cost upwards of $1,000 a year, which was prohibitive for many small businesses. However, costs today average between $80 and $200 annually, and many hosting companies provide SSL certificates at no cost.
Manufacturing and industrial companies that partner with Thomas can upgrade their website with free HTTPS encryption (for those hosted on recommended platforms like Wordpress).
My Manufacturing Business Doesn't Need HTTPS
Let’s go over this again: if you collect any data from your visitors, if you don’t want to scare off potential customers, and if you want to put your company in the best position to attract new clients, then you do need to be encrypted. Period.
Implementing HTTPS Is Too Complicated
Okay, so this reason is still somewhat accurate. You do need to be comfortable installing your certificate, updating your registry and hosting information, and implementing HTTPS with your CDN, if you have one. After you do that, you’ll need to redirect and update old links to ensure that nothing gets lost in transition. This process takes some time and technical know-how, for sure. However, some hosting companies offer simple tools that allow you to add HTTPS to your website with only one click — or partner with industrial marketing experts who have knowledge in your sector.
Is SSL The Same As HTTPS?
The term “HTTPS” is often used interchangeably with “SSL,” which is understandable, but not quite accurate. An SSL certificate is a set of files that you must purchase and install on your server. HTTPS is a protocol for reading those files, verifying your certificate, and letting users know that your site is safe, secure and trustworthy. The HTTPS protocol enables the browser to encrypt data before submitting it to the web server, and the web server can then decrypt the received data using the information contained in the SSL certificate’s files.
There are actually two different types of certificates — SSL and the more advanced TLS — but they both play the same role. The important thing to remember is that you need one of these in order for your site to have an HTTPS address.
Why Your Website Needs To Be Secure
Just a few years ago, HTTPS sites were limited to banking portals and e-commerce shops like Amazon. However, as of 2017 more than half of all web visits are to encrypted sites.
This change has been fueled by the increasing prevalence and awareness of cyberattacks — and the headlines they spawn. People are more cautious about browsing and entering their information online, and your visitors expect that you will protect their information. If you can’t meet their expectations of security and privacy, they may take their business elsewhere.
Over this same period, more and more companies have shifted their business models to the web, where they actively collect information from their visitors. While these interactions don’t necessarily involve credit cards or social security numbers, there is more data flowing from web browsers to web servers than ever before. The rise in encryption adoption is, at least in part, tied to the rise in the opportunities for encryption.
If you collect user information on your site — and if you utilize inbound marketing in any capacity then you certainly do — encrypting your site is essential.
More businesses are supplementing their traditional sales tactics for a better method of growth — called inbound marketing.
Here are a few reasons why you should strongly consider switching from HTTP to HTTPs:
HTTPs Provides Not Only Improved Security, But Less Liability
The most important reason for upgrading from HTTP to HTTPS is also the most obvious — it makes your site more secure. That means the information you collect — from customers, prospects, employees, and other visitors — is protected. This is not just great for them; it’s also beneficial for you, as cyberattacks can hurt your reputation in the marketplace and your ability to win new business.
HTTPs Provides A Better Experience For Your Industrial Buyers
Have you ever been browsing online, clicked on a link, and came upon a warning that looks like this:
Doesn’t exactly inspire confidence and trust, does it? Well, if your site isn't encrypted, that's exactly what your visitors will see.
In addition, all major browsers — Internet Explorer, Chrome, Firefox, Safari, Opera, etc. — now indicate whether or not a site is secure. Just take a peek at the address bar on this page. Notice the padlock icon and the word "Secure" in the address bar.
Open a new tab, type in your address, and take a look at the address bar. Does it it say “https://” before your URL? Do you see a padlock icon? If not, you could be scaring away visitors instead of attracting new customers. If you visit an unencrypted site, it will look something like this:
Browsers are also beginning to introduce additional, and much less subtle, warnings to visitors on HTTP sites. For example, Firefox already does this:
Chrome shows a “NOT SECURE” warning when users enter text in a form on an HTTP page. While each browser displays different warnings in different ways, the message to anyone visiting an HTTP site is clear — the site is not safe. Is that the message you want to be sending?
HTTPS Could Help You Rank Higher On Google
According to Google, a site built with HTTPS is more likely to rank higher in search results than an identical site built with HTTP. This means having an encrypted site could potentially give you more exposure online, helping you attract new customers. Sounds pretty good, right?
Ready To Migrate From HTTP To HTTPS?
Now that you know what HTTPS is, how it works, and why it’s so important, it’s time to make sure your own site is secure.
Your industrial marketing team should provide you with a comprehensive plan for migration that makes it easy for you, while keeping your business running. The right industrial marketing experts understand website security is a must-have.
Ready to get started? Contact us! Or if you'd like to take a step back and need some more insight, check out our 10 Step Checklist for Website Redesign to kickstart your website plan.
Did you find this useful?