Putting a new S in security

It’s good to see Google pushing websites developers and owners to adopt HTTPS by dangling the carrot of an improved search ranking. Google has no obligation to be the web’s police force, so the initiative can only be praised.

A lot of transactional sites are already HTTPS of course, but all those click hungry content-only sites will hopefully be cajoled into site encryption and that’s undoubtedly positive.

It’s not the first time Google has signalled its encouragement for the world at large to embrace HTTPS, so we’ll have to see just how tasty that carrot proves. Marketers too often focus on quick fixes than fundamentals, while we’re our own worst enemy when it comes to the Internet, favouring function and form over security. A click bait induced switch to HTTPS demands a close working relationship between marketing and IT to ensure website visitors get the high-quality content and the security in one complete package.

Google says it’s the HTTPS bias in its algorithm is ‘only a very lightweight signal’ and affects less than one percent of global queries. It infers the bias, like the background music at a dinner party, will slowly creep up in volume.

The incidence of user data hacks is on the rise – and certainly awareness of the risk is increasing. We all want to protect our user data and yet our ability as individuals to choose a website is limited to look and feel and brand recognition. This move, while affecting significantly less than one percent of an organisation’s security issues, at least gives the average user a little more confidence in the links they click on via Google.

Technology, in many ways, is the easier part of security to address because it has the advantage of predictable and centrally controlled operations. People and the processes they devise, in contrast, are far harder to manage and far more inconsistent. People come loaded with motivations whether for financial gain, malice or just laziness. The reality for many of us is that, while it’s not Google’s job to police the Internet, their ‘mark of approval’ in a rating suggests a certain level of approval and safety.

That’s both a risk and an opportunity for the company who famously adopted the slogan “Don’t be evil” as demonstration of its ethos. It’s good to see that Google continues to think how it can help shape a positive Internet experience for all.

Agree? Tell us your view in the comments and follow John on twitter @john_hayduk