Secure or Not Secure?
What is internet security?
Internet security has become a hot topic in the last few years with users concerned about the safety of their data. You may not be to bothered about Internet security if you are reading a Wikipedia page or searching for the latest weather forecast; however, if you are looking at something more personal like your Facebook feed, or even managing your bank account online, you don’t want people to read how much money you have, or see a photo that should only be shared between friends. This is where HTTPS encryption comes in, also described as having a ‘secure certificate’. This protects your browser and the website, ensuring no one in the middle can tamper with the traffic and spy on what you are doing. So, it is really important that you are protected.
HTTP versus HTTPS…
HTTP stands for Hypertext Transfer Protocol (HTTP), and it is the underlying protocol used by the World Wide Web. It defines how messages are formatted and transmitted
HTTPS, Hypertext Transfer Protocol Secure, is similar to HTTP but it is the secure version and is often accompanied by a locked padlock icon. HTTPS ensures that communication between the browser and the website are encrypted so they cannot be read by a third party.
When you enter a URL in your browser to go to a website, you actually send a HTTP (or HTTPS) command to the web server redirecting it to fetch and transmit the requested web page. If the request is only HTTP there is no encryption for the request or transmission as it travels from the webserver to your device. Meaning that someone or some application out there could be listening to and reading it.
More emphasis on security
Last year Google released version 56 of their website browser (Chrome 56). As well as the usual updates and improvements to the browser there was a courageous change. Any webpage containing a password or credit card field would be branded as “Not Secure”. This was a game-changer in terms of online security; up until this point the Internet in general was not a secure environment, with the rare exception of a few websites that were badged with the secure padlock icon.
Now Google has taken the next step in their master plan for the creation of the ultimate secure website. As of version 68 (Chrome 68), released late July of this year, any site will be marked as “Not Secure” if the site is only HTTP, regardless if passwords or credit card fields are on the page or throughout the entire site. Other web browsers may display something similar in order to warn a user they are on a non-secure site. The following image demonstrates how the address bar now looks for non-secure HTTP sites:
Is it easy to make a website secure?
Enabling HTTPS on a website, that is making it secure, used to be time-consuming and expensive and for either of these reasons it was often left out of the web development process. These days HTTPS certificates are relatively affordable and can be set up and implemented much easier than they used to be. This has played a major part in helping the Internet become more secure for websites and therefore for the individual.
The Internet has already become much more secure since Google's initial change to encourage HTTPS back in January 2017. Within a year of launch 64% of Chrome traffic on Android is protected with HTTPS (up from 42%), and of the top 100 sites on the web those that were protected went from 37 to 71 in the same time period.
Why do I need a secure certificate?
Having an HTTPS in the address bar, and that all important padlock, reassures your customers that you care about their privacy. With website users becoming increasingly aware of the importance of privacy and protection online, having HTTPS is vital for them to trust your site and to build trust in your brand online.