Many nonprofit website owners haven’t given any thought to whether their site is “secure” or not. If you’re using a third-party donation platform, isn’t an HTTPS website sort of overkill?
Not at all – in fact, converting your website to HTTPS now is one of the smartest proactive things you can do for your organization this year. How do you know if your site is using HTTPS? Look up at the top of your web browser in the address window. If you see HTTP instead of HTTPS before your website domain name, you’re not secure.
What does HTTPS do for you?
HTTPS is an encryption protocol. Any data that passes between the viewer and your website is encrypted and safe from interception.
It protects your visitor’s sensitive information
Sensitive information is more than just financial details. Names, addresses, emails, and phone numbers should all be transmitted securely through your website to protect the identity of your visitors from interference.
Even if you have only a simple contact form on your site, you should consider having an added layer of security.
It helps your website rank higher with search engines
In 2014, Google started considering site security as a page ranking factor. That’s right. If your site isn’t HTTPS, your page won’t rank as high in search results.
It boosts your visitor’s confidence in your site when they don’t see “NOT SECURE” on your pages!
Google has started warning visitors that form areas on HTTP sites are not secure. Eventually, these warnings will appear on all pages of HTTP sites.
Now imagine you are visiting the website of a nonprofit you want to make a donation to and the first thing you notice are the words NOT SECURE up in the URL window. That’s not an impression you want your donors to have.
Even though these notices only appear on pages with entry forms as of this date, Google has stated that they plan to have this warning on every page of HTTP sites in the future.
How do you get an HTTPS site?
Securing your website is done by purchasing an SSL (Secure Sockets Layer, also known as a TLS certificate) certificate for the site. Adding a certificate to your website is fairly simple. A good place to start is by contacting your current website hosting company and asking them about converting your site to HTTPS. The certificate need not cost your agency anything. A wonderful free service called Let’s Encrypt is provided by the Internet Security Research Group (ISRG). Let’s Encrypt is available through many web hosting companies.
Make the safety and security of your website a priority this year. Talk to your web host about getting a certificate for your site. You’ll rank higher in searches and your visitors will feel safer for it.