Google Is Going HTTPS. Should You?

by Ed Tsunoda on August 24, 2014

Google has been making a lot of noise recently about how it has added whether or not a site is “secure” https versus http as a factor in it’s search results algorithm. Does this mean you should switch all your sites to https? Not according to this article at which reiterates that if you’re taking user data input, you should already be running https, and if you aren’t there still isn’t any reason to.

HTTPS only protects against a very limited number of site vulnerabilities, specifically wiretapping and man-in-the-middle type attacks – in other words, spying. It makes the NSA’s job of tracking and spying on internet users more difficult, but it doesn’t protect against hackers, denial-of-service attacks and scripting, server or database exploits.

Essentially, HTTPS is useful for sites that collect and transmit personal information. Banks, e-commerce sites, even social networks need to have HTTPS in place to make sure consumers’ sensitive information is protected.

For all the blogs, news sites, brand brochure-type sites or any information site that doesn’t require a member login, HTTPS is useless. It’s like the post office telling you to that all your mail needs to be written in secret code. That’s fine for the military, but do your Christmas greeting cards really need to be written in unbreakable secret code? Probably not. It’s just as pointless to require HTTPS on sites that do not transfer sensitive information.



Previous post:

Next post: