Take a moment to picture the following scenario…
You’re a candidate on the job market searching for job opportunities online. You find a few companies to check out, and you begin visiting career sites to learn more. You land on a career site for a potentially awesome company, and you see this:
Source: Google Blog
What do you do now? If you’re like me, you are going to click the “x” at the top of the screen as quickly as possible to avoid any security risks associated with viewing that website.
And, you aren’t going back anytime soon.
What’s this mean if you’re the organization with an insecure career site? You’ve now lost a potentially viable candidate.
Beginning last month, users visiting your career site on Chrome (Version 62) will receive a “NOT SECURE” warning when visiting any HTTP page, even if they are in incognito mode. Honestly, this isn’t recent news as Google has been talking about their efforts to force organizations to create more secure sites since Fall of 2016.
How does this impact your organization?
If you have any type of opt-in forms on your career site (think Talent Community or Application Account Creation), and your site is HTTP – candidates visiting your site will receive the security warning from Google.
Not only will this make your candidates feel potentially threatened if they visit your career site, it will also make many of them lose trust in you.
How can you fix it?
If your career site is HTTP, you’ll need to migrate to HTTPS as soon as possible. HTTPS provides a secure career site and helps keep browsing safe for candidates by securely connecting a browser or app and encrypting personal information with the websites they visit. Keep in mind that Google will eventually show this security warning for all HTTP pages even if your career site doesn’t ask for personal or sensitive information.
Embrace the changes now, and work with your company’s IT Department to enable HTTPS on your servers so you don’t risk losing candidates.
You can read more about the steps involved in transitioning to HTTPS here.