Strategic CIO // Executive Insights & Innovation
Commentary
8/20/2014
09:16 AM
Lori MacVittie
Lori MacVittie
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Google SSL Decision: IT's Chance To Be A Hero

IT departments everywhere have a golden opportunity to look good by jumping on Google's decision to make SSL certification a part of rankings.

Earlier this month, Google made an announcement that went largely unnoticed. Given the implications for most businesses, ignoring this change could be a mistake of considerable magnitude.

"Google is taking a stance on security and has made SSL a piece of their ranking algorithm. As we are aware search engine ranking remains one of the single most important components of any organization's branding efforts and online presence." — HTTPS as a ranking signal, August 6, 2014

At first glance, this might appear as little more than an exercise in data center architecture. Certificates must be acquired, deployed, and enabled for apps. Architectural decisions on how to enable visibility of now-secured traffic must be made. It's purely an IT concern, certainly.

Or is it?

[Why did all the companies featured in Blade Runner go under? Read 5 Ways To Beat The Digital Disruption Curse.]

The business, marketing in particular, still pays a lot of attention to search rankings. According to a 2014 State of the Industry survey conducted by Moz, an SEO consulting firm that's tracked the impact of rankings since 2004, "Rankings were still considered 'Somewhat Important' or better by almost 92% of respondents. They were still considered 'Important' or 'Extremely Important' by 73% of respondents. Rankings are far from dead."

Need more? How about some measurable data? The online ad network Chitika confirmed in a 2013 study that search engine position translates directly into clicks, with 33% going to the No. 1 spot and 18% for second place. The click-through rate gets uglier from there. This is one game where placing in the top three matters, more than we might like to admit. In a digital, application-centric world where hits and visits are essential to making money, search engine ranking is a critical component of any business strategy.

That means Google's decision is a business concern that can be addressed only by technology. Unlike past algorithm tweaks that focused on keyword relevance and metadata optimization, this change requires IT to get the business ahead of the game or at least keep it playing. In the interim between now and when the full effects of the new algorithm begin to have an impact on organizations (Google doesn't give a firm timeline, but the writing is clearly on the wall) your business has an opportunity to gain a competitive advantage by ensuring it's SSL-enabled -- before the competition. Google's post gives seven specific steps to take.

This change puts the ball squarely in IT's court. It is only within the bowels of IT that SSL can be enabled, whether implicitly on every application server that might deliver an app that will be affected, or explicitly via an SSL-enabled reverse proxy architecture. In either case, IT can make or break this opportunity by having a direct and very significant impact on the business.

There are other examples of just how important a player IT will be in enabling businesses to either open the door or slam it shut when opportunity knocks, but rarely are they as clear-cut as this one.

Think apps are the only way IT can contribute to business success? Not so.
Think apps are the only way IT can contribute to business success? Not so.

By now, most technologists have decided that when business colleagues say "IT innovation," they usually mean "new applications." There's good reason for that -- it's a mad-about-apps world, and the new economy is based on installs and subscribers. But there are cases where it's not just about the applications, but rather how these applications are delivered, that will make or break an opportunity.

Google's new view on SSL enablement is one of those cases. Operations and networking teams have the chance to shine and show that "the network" can, in fact, enable opportunity. Don't blow it.

It's not just data scientists and security ninjas in high demand. SDN, the Internet of Things, DevOps, data center convergence, and mobility are giving rise to entirely new job categories. In this InformationWeek survey, we want you to tell us about the hottest skills, how you're getting the expertise you need, staff training vs. making new hires, use of contractors, retention methods, and more. Take the the InformationWeek 2014 IT Skills Crunch Survey today and be eligible to win a prize. Survey ends Aug. 22.

Lori MacVittie is a subject matter expert on cloud computing, cloud and application security, and application delivery and is responsible for education and evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
8/20/2014 | 3:15:56 PM
Re: Crossed wires?
I hope the word gets out. My web host of choice, SquareSpace, doesn't offer SSL beyond its ecommerce pages. Everything that can be encrypted should be encrypted, absent a compelling reason otherwise.
David F. Carr
IW Pick
100%
0%
David F. Carr,
User Rank: Author
8/20/2014 | 1:34:39 PM
Re: does this mean all pages should be ssl?
I suspect you'll see your ecommerce and web content management tech providers adapting to this over the next few months.

You can get more insight into Google's thinking here:

David F. Carr
50%
50%
David F. Carr,
User Rank: Author
8/20/2014 | 1:24:46 PM
Re: Crossed wires?
Converting public web content to SSL causes all sorts of havoc, particularly if not all the images, iframes, css, and javascript used within the page are available at a https address. This NOT just a job for the network administrator.
MDMConsult14
50%
50%
MDMConsult14,
User Rank: Moderator
8/20/2014 | 12:54:54 PM
Re: Crossed wires?
This is similar to what happened with Penguin. It is inconvenient for SSL changes to impede on SEO. Especially if the organization has invested significantly in SEO and link building. This will cause more work of re-checking links and having to adjust accordingly.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
8/20/2014 | 12:36:23 PM
Crossed wires?
I have to wonder how much attention network admins and managers pay to Google's announcements. As you say, that's normally the purview of SEO or marketing. And these people may not get the implications of the SSL change, possibly assuming their companies are compliant. Very easy for this to slip under the radar.
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.