TCP, SSL/TLS, and why digital marketers need to care

Business / Security / Tech
digital marketers

Since 2014 Google has been giving sites that use SSL/TLS a boost in their search engine rankings as a reward for protecting users from man in the middle attacks.

Digital marketers live in a land of initialisms. SEO, SEM, PPC, OMG. So when digital marketers are told there’s one more initialism they need to care about, well, consider it a drop of water in the ocean. Or in the case of SSL/TLS consider it a very important drop of water in the ocean. After all, how many initialisms offer a boost in security as well as a potential boon to SEO and site reputation? The answer could very well be several as there are many, many initialisms at play, but SSL/TLS offers all those benefits for sure.

What it’s all about

SSL/TLS stands for secure sockets layer/transport layer security, the protocol that establishes secure connections between a user’s web browser and a website using encryption. Somewhat confusingly, SSL used to be the go-to encryption protocol but was formally replaced in 2015 by TLS, though for whatever reason TLS hasn’t fully caught on as the go-to short-form, so you’ll see the protocol referred to as SSL or TLS or SSL/TLS.

With that out of the way, what SSL/TLS does is take the standard TCP handshake that connects a browser to a website (request sent from browser to website, acknowledgment sent from website to browser, return acknowledgment sent from browser to website) and adds encryption into the mix for the SSL handshake. It does so by adding three extra steps to the three-step handshake process: agreeing on a method of encryption, mutual verification and generating the keys used to encode and decode all information exchanged between browser and site in that session.

By encrypting communications between browsers and websites, SSL/TLS makes information exchanged unreadable to attackers looking to ‘eavesdrop’ and steal the kind of data that users often input into a website such as logins, passwords, personal information including names and addresses and financial information. This makes SSL/TLS beyond essential for any website that requires any personal information from users, and there may be a reason for digital marketers to consider it for other websites too.

SEO

The secure boost to SEO

Digital marketers are always looking for an advantage when it comes to search engine rankings, and SSL/TLS provides exactly that. Since 2014 Google has been giving sites that use SSL/TLS a boost in their search engine rankings as a reward for protecting users from man in the middle attacks, and with Google putting an even bigger emphasis on secure connections (see below) it stands to reason that future updates of Google’s ranking algorithm may increase the advantage secure sites receive.

However, as all digital marketers know, winning the traffic battle isn’t all about search engine rankings.

The problem it may present

When you add extra steps into almost literally anything, the process gets longer, and the SSL handshake is no exception. The steps required to encrypt communications triple the time it takes to complete the handshake, which slows down page load time. Which, as all digital marketers know, does not please internet users. In fact, studies have shown that 40% of online shoppers will abandon a website that takes over three seconds to load.

That’s a troubling statistic for digital marketers, especially considering that those e-commerce sites being so quickly abandoned are definitely in need of SSL/TLS. What is a digital marketer to do?

One more initialism

A CDN or content delivery network is a network of cache servers located all over the globe designed to get a website’s content to its users as quickly as possible by redirecting users to the cache server located closest to them.

With users redirected in this way, data doesn’t have to travel as far between browser and server, which means those steps taken in the SSL handshake can all be completed more quickly. By cutting down on the lag created by the encryption process, a CDN basically lets websites have the good of SSL/TLS while eliminating the bad.

CDNs also speed up websites by caching all cacheable content and eliminating trips to the origin server, compressing HTML, CSS, JavaScript and image files, and stripping unnecessary characters from the source code. Additional CDN benefits include network optimization and smart management of multimedia resources, lower bandwidth bills, load balancing and DDoS protection.

digital marketers

Another SSL/TLS consideration

Google again, wouldn’t you know it. With the latest update of Google’s browser Chrome (Chrome 56) Google has begun marking websites that do not use SSL/TLS as Not Secure in the space next to the address field, a pretty prominent position. This is being done in stages. In the first stage websites that accept payment card information and passwords without SSL/TLS were identified as Not Secure, in the second stage all websites not using SSL/TLS were identified as Not Secure when a user is in Chrome’s incognito mode, and in the upcoming third stage all websites not using encryption will be marked as Not Secure even in Chrome’s normal browsing mode.

Thus, digital marketers may want to consider all the internet users who will see that Not Secure warning and think twice about spending their time on that website when there are probably many competing websites that have invested in encryption.

Best of both worlds

Considering how hard it is to keep internet users both happy with website performance and protected from potential attacks, some days digital marketers may want to give up all those short forms and initialisms right before quitting. Frankly though, if you made it past the keyword stuffing phase, you might as well keep on keeping on in the digital marketing game. SSL/TLS and CDN – performance and protection in just two sets of letters. It doesn’t get much better than that.

Comments
To Top