05.05.17

Google Pushes All Websites to Adopt Enrcyption - Is Your Website Ready for this Change? Probably Not.

By Ryan Owens



FROM THE INTERWEBS - Google wants to kill the unencrypted internet, and will soon flag two thirds of the web as "unsafe."

Google Google wants everything on the web to be travelling over a secure channel. That's why in the future your Chrome browser will flag unencrypted websites as insecure, displaying a red "x" over a padlock in the URL bar.

With this upcoming change in Chrome, Google makes it clear that the web of the future should all be encrypted, and all sites should be served over HTTPS, which is essentially a secure layer on top of the usual HTTP web protocol. Several companies and organizations have been pushing for more encrypted sites as part of a campaign to "Encrypt All The Things," which consists of promoting more websites to abandon the traditional, less secure HTTP protocol and adopt HTTPS.

Currently, Chrome displays only an icon of a white page when the website you're accessing is not secured with HTTPS, a green locked padlock when it is, as well as a padlock with a red "x" on it when there's something wrong with the HTTPS page the user is trying to access. The change will draw even more attention to the sites that are potentially insecure.

The rationale is that on every website served over HTTP the data exchanged between the site's server and the user is in the clear, meaning anyone with the ability to snoop on the connection, be it a hacker at a coffee shop or a repressive government, could steal passwords, private messages, or other sensitive information.

But HTTPS doesn't just protect user data, it also ensures that the user is really connecting to the right site and not an imposter one. This is important because setting up a fake version of a website users normally trust is a favorite tactic of hackers and malicious actors. HTTPS also ensures that a malicious third party can't hijack the connection and insert malware or censor information.

So What Does This Mean for My Website?
Most websites do not use HTTPS, as this has primarily been reserved for e-commerce sites or those that process transactions, credit cards, or other sensitive user data. However, with this change, Google wants EVERY website to use HTTPS by default, even if your website does not process any "sensitive" data or anything more than plain text or images. In other words, even if your website is just your typical, ordinary website, Google wants it to use HTTPS.

And if it doesn't, your customers are going to get a big, scary warning from their browser.

Of course Google does not own the Internet, and not everyone uses Chrome as their browser, so this change may not be noticeable by everyone - YET. But the writing is on the wall, and with Google's power over the web community, and the large installed base of Chrome users, it is only a matter of time until this change will affect us all. So the time is coming, and sooner than you think. Very soon indeed, it will be imperative for you to move to HTTPS encryption for your website.

How Do I Move to HTTPS Encryption for My Website? And What Does This Cost?
Making your website operate over HTTPS is as simple as having us install an SSL Certificate (SSL stands for Secure Socket Layer) that is issued by a third-party authority. SSL Certificates are renewable on an annual term and provide up to 256 bit encryption, thereby offering the highest level of encryption and security possible.

Please contact us at 864.271.7021 or email us at contact@stratatomic.com for your specific website requirements and the cost to adopt HTTPS encryption for it.