Google has revealed that they will reward websites that have HTTPS site encryption by boosting them in the search engine result pages. In the Google I/O conference earlier this year, Google had called for “HTTPS everywhere” on the web and the present announcement appears to be a move towards achieving that goal. In a blog post published in the Google Online Security Blog, webmaster trend analysts Zineb Ait Bahajji and Gary Illyes of Google said that though as of now this will only be a lightweight signal in the ranking algorithm, over time they will decide to strengthen it.
By encrypting data transmitted over the Internet we can improve online security and can create a defence system against man-in-the-middle attack thereby offering privacy benefits to the web users. It can be an effective measure to help against hackers who break into websites and steal user data. The step taken by Google will encourage more developers to implement SSL/TLS to encrypt their web traffic. An encrypted site can help users to transmit their data securely even if they are using an unsecured Wi-Fi network in a public place.
Earlier webmasters used to shy away from implementing encryption because of the high cost involved in it. Also, many webmasters worried that once the site is encrypted there would be slower response time for the website. However such concerns about cost and response times are hardly relevant now, due to advancement in technology. High speed encryption technologies are available now, which means that cost and speed are no longer major concerns.
Many internet security firms have lauded Google’s new effort to improve the overall security of the World Wide Web. Google has also launched a new initiative called Project Zero, where the company will team up with hackers to identify and track down bugs and malware that threaten internet security. Google believes that such a project will protect its advertising revenue by safeguarding its links to third-party sites and will build user confidence in the security of those links.
Most of the websites want top rankings in Google search results and hence Google can leverage this interest of websites to encourage and discourage many practices of webmasters and web developers. Though HTTPS as a ranking signal is a lightweight signal now, affecting fewer than 1% of global queries, when Google strengthens it further in the ranking algorithm, those websites without HTTPS would suffer. That kind of a future threat would encourage most webmasters to implement encryption in their websites.
Google already uses strong HTTPS encryption for user searches as well as for their other services like Gmail, Drive etc. It means that users who connect with Google services automatically have a secure connection to Google – data that flows through Google data centres are always encrypted.
In their blog post in Google Online Security Blog, Bahajji and Illyes also offer some tips to make a website adopt TLS. They also say that you can test your websites security level and configuration with the Qualys Lab tool. Webmasters who are worried about their site’s performance after adopting TLS can take help from the service Is TLS fast yet?
Image Credit: Search Engine Land
Author: Aravind Ramesh