GOOGLE STARTS LABELLING WEBSITES AS "NOT SECURE": IMPACT, IMPLICATIONS AND THE SOLUTION

GOOGLE GETS STRICT ON SECURITY

There’s a significant change to Google Chrome this July and it’s going to affect at least 324 life sciences companies in Scotland – and not in a good way. 

Any impact to your online presence is really relevant as 50-70% of the decision-making process for a business purchase is carried out using internet searches and website content before engaging in person with a potential supplier. (And you might not even know about it as customers actively delay engaging with suppliers in favour of educating themselves, forming their own opinions and eliminating options online.)

Fortunately, this Google update is really straightforward to address (and inexpensive) so if you only do one thing for your online marketing over the summer, this would be a good one.  In this article I’ll explain what the issue is, the implications on your business and how to fix it.  

 

If your URL doesn’t start with a https, Google will label your site as “Not secure”

If your URL starts with a www. or http:// and does not start with a https://, from this July, Google is going to start labelling your site as “not secure”.  Basically, https protects the transfer of data from the user to you via forms on your site through automatic encryption. At a time where personal data is a sensitive topic, it’s a relevant consideration.

biogelx https.JPG

In 2014 Google announced it was going to do its bit in making the internet a more secure place and they began with endorsing websites with https. Later on, Google went a step further and confirmed https was a ranking factor.

But recently Google has gone for more of a “stick” approach and announced it would be labeling the site as “not secure”.  Up until now this has looked like a small “i” in a circle at the start of the URL which, when clicked on, turns into a red message stating “your connection to this site is not secure” with Google recommending you shouldn’t enter any information.

From July 2018, Google Chrome will be more explicit by adding the words “Not secure” at the start of your domain name:

Chromium blog.JPG

The potential implications on your business are fourfold

While many of us in our sector are B2B and not involved in asking for sensitive information like credit card details, I reckon there are other implications that do affect us.  If any of these resonate with you, then keep reading as I’ll tell you how you can go about fixing it.

1.      A “not secure” warning signal can compromise your company image.

Now this is relevant to our sector.  There are so many amazing innovations being commercialised in Scotland right now and the enterprises bringing them to market pride themselves on the highest standards of science in order to provide reliable, cutting edge products and services.  For some of these brands, the entire business is built on a foundation of safety, trust and reliability.  A “not secure” message from Google to any visitors to your site may compromise their first impression of your brand.

2.      It will make it harder to generate leads from your website

Websites these days should be dynamic and should be contributing to the business by capturing the interest you’ve generated so you can nurture visitors into leads.  A warning message from Google telling visitors not to enter data may put visitors off downloading assets or filling in a form to request some material or ask a question.  It is highly relevant to capture any interest you’ve generated online as 50-70% of the decision making process for a major business purchase these days is carried out online before engaging face to face with a supplier – this is a massive opportunity for SMEs.

3.      It may have an impact on your rankings

Google have said they use https as a “preference” ranking factor; if two websites are providing the same quantity and quality content to answer a search query, the website with https will be prioritised in the ranking.  This is relevant because 94% of business purchase decisions begin with an online search.

4.      It may have an additional impact on your rankings

This is to do with bounce rate; if visitors to your site are put off by Google’s warning then they will quickly hit the back arrow.  Nowadays, Google is so sophisticated, it notices this sort of activity.  In fact, it’s new machine learning element of the algorithm, RankBrain, will observe this and conclude it must have returned a poor response to the query entered.  And if it thinks your website was a poor answer to the query, it will remember that.

 

How to find out if your website IS affected by Google’s https update

You can find out if you are affected by the https update by:

  1. Google your company name

  2. Click on the correct result

  3. Wait for the page to fully load

  4. Look at the URL

  5. If it has https:// at the start you are a-ok

  6. If it does not have https:// at the start i.e. www. or http://, you will probably see the little warning signal from Google

If you find yourself with a warning signal, you are not alone.  I carried out an audit of 553 life sciences and biotechnology organisations in Scotland and found 58% of websites were not yet https.  Specifically, the numbers I found without https websites as of July 20th are:

  • 74 in pharma services

  • 109 in medical devices and diagnostics

  • 22 in therapeutics organisations

  • 40 in industrial biotechnology

  • 79 in speciality chemicals

I also found two websites where the full warning has already been implemented by Google.

What https means for your site and what an SLL certificate does

(if you are anything like me and just want to know the “so what?” feel free to skip this bit!)

Hypertext Transparent Protocol Security (https) is also known as Secure Socket Layers (SSL).  It automatically encrypts any information entered onto your website by a visitor.  This will ensure your visitors’ activity or information can’t be tracked or stolen by hackers.  Even if you aren’t dealing with highly sensitive information such as credit card details, it’s important to protect data as simple as names and email addresses (as anyone who has been hacked or had accounts cloned will tell you).

THE SOLUTION: How to get https

Ok, here’s my disclaimer: I’m not a techie - I’m a marketer, and I got my https when I got my website because I knew it was important, so I’ve not done this myself.  But it really should be straightforward to sort and my advice is to get someone technical to do all this for you like your web developer or hosting company (the people you rent your space in the internet from for your site e.g. Go Daddy).

Basically, it’s all about getting an SSL certificate which is like a really long password that enables the automatic encryption of data entered onto that webpage.

Here are the questions you’ll need to ask:

  • Do I have my own dedicated IP address? Check that you aren’t sharing one.

  • If not, do I need to upgrade my hosting package or go to another host?

  • Can I buy an SSL certificate for my website through you? This can be as little £50.

  • Can you activate and install the SSL certificate for my site? Your hosting company might do this for you.

  • Can you update my site to https? Can you advise which pages in addition to the home page I should do this for?

I found How to Expert provided the most straightforward advice.   

This is different to the work you did for GDPR – it’s an extra job

Although https will support the work you did for GDPR, this is a separate job.  The sentiment is the same; protecting personal data but you did GDPR for EU law.  https is Google’s way of making sure the internet is a safer place to enter data and it’s a separate task.  However, having an SSL certificate will contribute to your efforts with GDPR as, not only are you reassuring your customers that you will use their data responsibly, you will be keeping the transfer of their data entered into your website safer too.

If you’d like to keep up to date with the latest best practice….

If you found this helpful, you can read similar articles with tips and advice on marketing in life sciences by following me on Twitter @MackayAlix or connect with me on LinkedIn.  If you’ve got a question you can contact me here.

edited spot fix.jpg

Alix Mackay MRSC combines 14 years of big pharma marketing discipline with the latest best practice in Inbound Marketing to provide advice, bespoke strategy and marketing masterclasses for ambitious business leaders and marketers.  She specialises in life sciences, biotechnology and healthcare and co-leads the Life Sciences Scotland Marketing & Communication group.

 

Methods and Sources