Is there any way/option to force SSL usage even if a user browses to http:// (or any staff/managers using scp view)?
Untested:
Try and put the following in your .htaccess file
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{SERVER_PORT} =80
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI}