The fervor over online security in this day and age has become as important as ever. Hackers, identity thieves, viruses and other diabolical entities are lurking throughout the dark corners of the web, readying themselves to pounce on unsuspecting and unprotected lines of digital communication. However, despite these evildoers, there are things being put in place by the good guys to help maximize online security, specifically regarding websites.
According to Google Chrome security product manager Emily Schechter, Chrome will begin to mark all HTTP sites as “not secure” starting July 24th. Currently Chrome is at version 66, but once it gets updated to version 68, it will warn users with an extra notification in the address bar regarding the status of their online security—due to this major change, now is the best time to double-check to ensure that your website is secure so you and your clients feel safe using your page. If you’re not sure if your site is safe, check your browser—Chrome currently marks HTTPS-encrypted sites with a green lock icon followed by text that confirms it is secure.
HTTPS = Good. HTTP = Bad.
To backtrack, HTTPS encryption ensures that the channel between your web browser and the page that you are visiting is protected and makes sure that no one in-between can basically spy on what you are doing online. When a page is not encrypted (HTTP pages), nefarious individuals with access to your internet service provider or router can intercept your information or inject malware into what should be a secure website. This is bad.
As documented in iVET360’s State of the Industry Report, only 5.5 percent of veterinary websites had a secure site in 2017—this is also bad. However, since the report was unveiled late last year, we have seen a shift in the industry, with a dramatic increase in the number of secure HTTPS veterinary websites. This is good.
2015 to 2018
Google has been distancing users from unencrypted sites for a while now, however, this future rollout will be the biggest move they will make. The Chrome team indicated this announcement was primarily brought on by increased HTTPS adoption: 81 of the top 100 sites on the web default to HTTPS, and a strong majority of Chrome traffic is already encrypted. Back in 2015, Google began lowering the rankings of unencrypted sites. Then, the next year, their developers displayed a similar warning for password fields that were unencrypted.
After noticing this trend, in 2015 iVET360 began installing SSL certificates for all of our clients. Along with providing marketing, analytics and HR/Training services, iVET360 builds websites as well and strives to make sure that all connections are secure, and no information is compromised. Our team of professionals constantly stays on top of industry trends and are proud to have provided clients with HTTPS secure websites from the start.
HTTPS has also become much easier to implement through automated services like Let’s Encrypt, giving sites even less of an excuse not to adopt it. As part of the same post, Google pointed to its own Lighthouse tool, which includes tools for migrating a website to HTTPS. So there is really no excuse to let this impending deadline pass without securing your site.
How Can I Make Sure My HTTPS Site is Up-to-Date?
It’s important to note that in Chrome version 69 (coming later this year), Google will be removing the “Secure” wording leaving only the green lock behind. While this may seem nice, it’s still important to verify that your site is secure.
If you do currently have an HTTPS website but you aren’t seeing the aforementioned green lock and secure text, this website will check the issue for you and send it to your web developer. You can never be too safe, and we highly encourage anyone questioning their site’s security to take the time to double check, to avoid a long headache later.