Google Has Issued the Official Warning—Encrypt by July 1 or Else
If you’ve been following website security industry changes, you may know that the move by browsers to warn visitors of webpages served via HTTP as “Not Secure” has been in the works for a while. And, if you’re like most organizations, preparing for the inevitable has been dead last on your to-do list. Unfortunately, pretending there’s no fire doesn’t mean you won’t eventually get burned.
Implementation has been gradual and the end date has been moved out a few times but, according to the Feb. 8 announcement by Google, you’ll need to get an SSL certificate to protect all of your web site content, not just the pages with login requirements or forms.
Starting July 2018, Chrome will universally alert visitors that land on any HTTP webpage. What began as a nudge from Google and Mozilla that only impacted pages with unencrypted password or text fields has become a no-exceptions requirement. We’re guessing this isn’t what you want your visitors to see.
Why HTTPS?
HTTP (Hyper Text Transfer Protocol) served Internet users well for many years. Unfortunately, the increasing amount of cybercrime occurring on the internet, has exacerbated its biggest flaw.
HTTP is not a secure protocol.
This means data traveling between your site visitors and your web site can be stolen or worse, manipulated.
HTTPS is secure and the major web browsers now indicate to visitors (https:// in the browser URL field and for example a “lock” icon) indicating the information traveling between your visitors and your web site/server is being encrypted to prevent prying eyes and data theft. So, it’s easy to understand why web browsers are now requiring it as a basic standard.
Beyond improving your web site’s security, additional benefits include your search engine visibility will not be penalized for not having an SSL certificate installed and that’s a good thing!
How do I get HTTPS?
SSL Certificates enable HTTPS—so the sooner you install one on all your webpages, the better. But, remember, website security is about more than encrypting data. Ensuring who’s on the other end of the data transfer is equally, if not more, important so making sure you have the right level of identity validation matters. Choosing the right SSL certificate can be confusing, but it doesn’t have to be. We’re here to help you sort through your options and find the most cost-effective way to meet the July 1, 2018, deadline and boost your bottom line.