When hosting, you have an option to upgrade to SSL. Among many other things, this will add an 's' to the 'HTTP' in your address changing it to 'HTTPS'. It seems that everyone is insisting we do this now. Industry experts everywhere, highly recommend that we make this change to secured hosting.
We can provide top quality secured hosting at reasonable rates.
It can seem expensive considering what you currently pay for hosting, so your caution is understandable; and to be clear it will cost twice as much as non-secure hosting. Also its true that one can reasonably argue, that it is not really necessary for websites which do not collect credit card information, to make this expensive change to security.
While I can almost agree with that argument, here is the bottom line for any B&B getting business online: That pesky notice of security in the address bar!
Awareness of this notice and the accompanying 'lock' symbol, is increasing constantly. Quite possibly most web surfers refuse to even visit websites that are labeled a security risk these days. And, for a fairly good reason too.
In September, 2018 Google again (their constant message for many years now) had this to say about SSL Certification:
"HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages.
Intruders exploit unprotected communications to trick your users into giving up sensitive information or installing malware, or to insert their own advertisements into your resources. For example, some third parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities.
Intruders exploit every unprotected resource that travels between your websites and your users. Images, cookies, scripts, HTML … they’re all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hot-spot, or a compromised ISP, just to name a few." - Google Developers
If your website is NOT secure then you expose your viewers to intruders. Seems slightly abusive, and as more and more people understand this, un-secured websites will receive a continually dwindling supply of visitors.
Is that disturbing? It should be. You could take your own informal survey of customers visiting your website, except how do you question all of those already swayed away from visiting by that security warning? But you can ask yourself, does the insecure notice in the address bar affect your decision to visit other websites? Do you really believe you are NOT loosing customers because of that nasty insecurity notice? Don't YOU want to secure your website and protect your customers.