In the wake of many highly publicized data breaches, website security is becoming increasingly important for businesses in every industry.
Google clearly agrees and has been enacting a range of different policies and changes to improve the safety of the internet for companies and consumers alike.
But how do these security updates affect your SEO and rankings?
You might not think it but your website’s security plays a huge role in how high up on Google you will appear during a search. However, SEO and Google security actually go hand in hand.
Let’s have a look at why you need to be taking your SEO and Google security seriously if you want to be climbing the ranks.
Website security is an admitted SEO ranking signal
First and foremost, Google has confirmed that a webpage’s security directly impacts its ranking in a Google search.
This is actually quite a rare admission from the notoriously tight-lipped search behemoth, who usually keep their ranking signals a closely guarded secret. The fact that they have publicly stated it is a part of the algorithm must imply it is an important ranking signal moving forward.
Google has gone so far as to begin directly calling out a site’s security (or lack thereof) to users using their immensely popular Chrome browser.
In a range of updates including Chrome 62, 66, and the upcoming 70, Google began highlighting unsecure sites in the URL omnibox with visual warnings to users about to visit a site with less than ideal security.
Many of these updates are directly targeting web security certificates provided by Symantec. This company has been embroiled in controversy regarding its substandard vetting process for sites purchasing their certificates for years.
Google is clearly unwilling to risk any Symantec issued SSL certificate, and so has been attaching the prominent ‘Not Secure’ symbol and pop-up message to any site with a pre-2016 Symantec verification.
Google will also directly penalize your site’s ranking in search results, which will hamper any SEO activities you might be working hard on. If you want to ensure your SEO work isn’t wasted, it’s definitely time to invest in a high quality SSL certificate. This will ensure your SEO and Google security are in alignment, and you can continue to climb the ranks.
Google’s obvious highlighting on unsecure websites will have a pronounced effect on consumer behaviour and interaction with search results.
A large unsecure sign constantly displayed to a user, or an obtrusive pop-up calling out the lacklustre security of a webpage is likely to increase bounce rate and decrease time on page and possible conversions.
A GlobalSign study found that over 84% of respondents would abandon an online purchase if the webpage they were on was shown as being insecure. This is clearly not ideal for maximizing conversions or the hard work put into SEO.
A high bounce rate and limit consumer interaction with a web page is another ranking signal for Google’s algorithm. When Google sees that users are only spending a few seconds on a website and then returning to the search results, that tells Google that that page is not what its users wants and will likely lower its position during subsequent search results.
Thus, no matter how good your on-page SEO and high quality content is, if your site isn’t secure then both Google and your potential customers will punish your search engine result rankings accordingly.
Hacks can destroy hard earned SEO ranking positions
If your website isn’t properly secured it is more susceptible to hacks.
Hacks can cause all manner of headaches for business owners, from the relatively minor inconvenience of having to delete erroneous posts, to the more catastrophic exposure of user data or payment information.
Whilst the former can be a nuisance, the latter has the potential to completely destroy a company’s reputation.
A common reason many websites get hacked is actually directly tied to SEO, specifically the more nefarious set of tactics known as ‘black hat SEO’.
These hacks involve taking over a vulnerable website and then spamming every webpage on that site with backlinks to another site, with the goal of increasing the search ranking for the linked site.
Whilst Google’s algorithm has gotten smart enough to generally recognize these backlinks as being malevolent and won’t improve the linked site’s standing, but it can have a huge detrimental impact on the hacked site.
Google will see that hacked site as being susceptible to spam and penalize it during Google searches. This will obviously limit its exposure to users and potential customers.
In the worst case scenario, Google may even choose to blacklist the hacked website, barring it from ever appearing in Google searches again. Seeing as Google traffic makes up almost 80% of all consumer enquiries, this can have a huge impact on a company’s finances.
Clearly it should be a top priority for all SEO and Google security professionals to ensure their websites are properly secured and protected to avoid Google’s ban-hammer.
Ensure your website is SEO and Google security compliant
The key to avoiding all of the consequences of running an unprotected site is obviously to ensure it has adequate security.
Any SSL Symantec certificate purchased after June 2016 will avoid the dreaded Google ‘Not Secure’ tag. If your website is running on one of those you’re fine… for now.
It would likely be prudent to begin looking at alternative SSL/TLS certificate providers, as Google may continue to distrust Symantec certificates in the future.
Conducting a thorough web security diagnostic on your site is also a smart idea. This will help identify any potential holes in your security and allow you to patch them before they are exploited.