The move by browsers to warn visitors of web pages served via HTTP as “Not Secure” has been in the works for a while. Preparing for the inevitable has also probably been dead last on your to-do list. Unfortunately, pretending there’s no fire doesn’t mean you won’t eventually get burned.
Implementation has been gradual and the end date has been moved out a few times. According to today’s announcement by Google you’ll need to get an SSL certificate for all your webpages, not just the ones with login requirements or forms, by the time Chrome 68 launches. Starting July 2018, Chrome will universally alert visitors landing on any HTTP webpage. What began as a nudge from Google and Mozilla has become a no-exceptions requirement. I’m guessing the “Your connection is not secure” message isn’t what you want your visitors to see.
HTTP served internet users well for many years. Given today’s cybercrime-ridden web it has one crucial flaw. HTTP is just not secure. HTTP data in transit can be stolen or manipulated.
HTTPS is secure and shows visitors https:// in the browser bar indicating encryption is authenticating the server and protecting transmitted information. It’s easy to understand why web browsers are now requiring it as a standard.
HTTPS also helps you leverage the faster performance enabled by HTTP/2, gives you up to a 5% boost in search engine visibility, providers a more seamless user experience and unlocks popular mobile options.
How do I get HTTPS?
SSL certificates enable HTTPS. The sooner you install one on all your webpages the better. Remember, website security is about more than encrypting data. Ensuring who’s on the other end of the data transfer is equally, if not more, important . Having the right level of identity validation is crucial. Choosing the right SSL certificate can be confusing, but it doesn’t have to be. Nexcess is here to help you sort through your options. Together we’ll find the most cost-effective way to meet the July 1 deadline, and boost your bottom line.
Posted in: Security