If I say that Google is very powerful, I don’t think I would have too many people disagreeing with me. Of course the internet being what it is, I’m sure I would have some people disagreeing, simply to be contrary. But in general terms the statement holds up pretty well. If Google says your website should be use HTTPS, you need to use HTTPS.
One of the things about Google being powerful is that Google says jump and the whole world asks, “How high?” Getting your web page to number one on Google can be incredibly lucrative, so if Google says you can get to page one by posting a video of yourself on youtube drinking sump oil, a million SEOs are going to be posting videos.
So, having said that, one of the recent things that Google has said it wants is sites to be secured by HTTPS. But what is HTTPS? In the tradition I have of explaining the technical in simple terms, let’s give this a try.
Let’s start off with the concept of encrypted and unencrypted packets. Hang on a minute, I need to take a step back there. Let’s start off with the concept of packets. This is how computers communicate over networks. In little chunks of information called packets. They are like letters with envelopes – the envelope has the address on the outside to tell the postman where the letter is going to, and possibly the from address as well.
The structure of a data packet is essentially the same thing. It has some information that identifies where it’s going from and where it’s going to and in the middle the information it needs to send. The packets are usually quite small, just a couple of hundred bytes. The reason for this is that communication isn’t perfect over networks and it’s easier to ask to resend a small amount of information than a large amount of information. Once again, analogy helps to explain. It’s easier to ask some to repeat a word you didn’t hear in a phone conversation than the ask for the whole discussion from the top.
Anyway, that’s packets for you. Now we can go on to unencrypted packets versus encrypted packets. Unencrypted packets are packets that send the information between your computer and the computer you are connected to in plain text. Hackers have these things called packet sniffers. Packet sniffers can, as the name suggests, look at the packets you and the remote computer are sending between them and see what’s inside them. If the information in those packets is unencrypted, whatever you send can be looked at, be it passwords or credit card details, whatever it may be.
Now the difference between unencrypted and encrypted packets is that if a hacker gets hold of the packets, the information inside the packets is useless to them. The information is locked up and looks like a bunch of random garbage to anyone in the middle, only being unlocked when it reaches either end.
So there are obvious benefits there for the security of the data between websites and their clients. But of course, once Google says you should do it. it’s time to act.
The claim is that it actually helps your SEO, which is where we came in. Google wants certain things. It wants websites more secure and mobile friendly. It wants unique content. It rewards those who play by their rules and penalises those who don’t. To me the benefit to SEO is marginal, but that may change as time goes by. So you need SEO on your website to please the great god Google.