If you’ve been following website security industry changes, you may know that the move by browsers to warn visitors of webpages served via HTTP as “Not Secure” has been in the works for a while. And, if you’re like most organizations, preparing for the inevitable has been dead last on your to-do list. Unfortunately, pretending there’s no fire doesn’t mean you won’t eventually get burned.
Implementation has been gradual and the end date has been moved out a few times but, according to the Feb. 8 announcement by Google, you’ll need to get an SSL certificate for all your webpages—not just the ones with login requirements or forms—by the time Chrome 68 launches. Starting July 2018, Chrome will universally alert visitors that land on any HTTP webpage. What began as a nudge from Google and Mozilla that only impacted pages with unencrypted password or text fields has become a no-exceptions requirement. We’re guessing this isn’t what you want your visitors to see.
HTTP served Internet users well for many years. Unfortunately, given today’s cybercrime-ridden web, it has one crucial flaw—it’s not secure. That means data in transit can be stolen or manipulated.
HTTPS is secure and shows visitors https:// in the browser bar indicating encryption is authenticating the server and protecting transmitted information. So, it’s easy to understand why web browsers are now requiring it as a basic standard.
Beyond encryption, HTTPS also helps you leverage the faster performance enabled by HTTP/2, gives you up to a 5% boost in search engine visibility, providers a more seamless user experience and unlocks popular mobile options.
How do I get HTTPS?
SSL Certificates enable HTTPS—so the sooner you install one on all your webpages, the better.
We’re here to help you sort through your options and find the most cost-effective way to meet the July 1, 2018, deadline and boost your bottom line.