It’s a little sad and a whole lot disappointing that many sites are still being bullheaded about updating their site to have an SSL certificate. With the data breaches going on, you would think that they’ll be clamoring to get one, but years have passed and many are still non-compliant.

There’s no practical reason or excuse for a site not having an SSL. It’s even more frustrating that many sites do have SSL in place but don’t have the correct redirects in place from the HHTP version, which leads to duplicate content and search engine ranking issues.

And do you want your visitors or current customers see this when going to your website?

It’s crucial for ALL businesses to update their websites with HTTPS, even if they’re an e-commerce business or not. See that little padlock in the address bar on the web browser? This means that you’re visiting a secure website – congrats! That also means that the data you’re sending to or receiving from this site is encrypted.

Non-secure websites have a URL that begins with “http”, while secure websites start with “https” — where the “s” stands for “secure”.

So why do some websites still do not take advantage of SSL?

If you are a business that requests credit card data via your website and you do not have an SSL certificate installed, you may violate of PCI DSS (Payment Control Industry Data Security Standard), which is a set of security standards created to ensure that companies accepting, processing, storing or transmitting credit card information offer a secure environment.

This standard is managed and administered by the PCI SSC (Payment Card Industry Security Standards Council) and being enforced by payment brands, such as MasterCard, Visa, American Express, JCB and Discover.

The fines for non-compliance of PCI CSS can be catastrophic to any business, especially small ones. The payment brands may, at their preference, fine $5,000 to $100,000 per month for the PCI compliance violation. Moreover, the bank may also either increase transaction fees or even terminate your relationship.

Applying HTTPS on your site

Here we have good news and bad news. Let’s start with the bad news - there’s more to it than simply buying and getting it running in one day (if you buy it from lesser known providers). The good news it is not horribly expensive or difficult to convert your site to HTTPS.

You’ll need to purchase an SSL certificate (Secure Socket Layer). Mindful of providers trying to overprice their SSL certificate. You can get it from reliable and trusted providers like Crazy Domains for $66.50/yr instead of $95.00, effectively saving you 30%. They can also activate it INSTANTLY – yup, they offer the technology to have your site running with an SLL certificate in no time.

You need to notify Google that you’ve successfully updated your site to HTTPS so they can schedule your site for re-indexing in their search database. Yes, Google can just crawl your site, but you can proactively notify them via Google Search Console to speed up the process. Also, if you’re using Google Analytics, be sure to update your settings to inform them that your site is now SSL compliant.