— July 25, 2018
(July 28, 2018) (July 24th), Google Chrome 68 rolled out and with it a big step toward a more secure internet. Unfortunately, this may also mean that Google is metaphorically telling visitors to your website to “RUN”.
Ever noticed that green padlock to the left of the URL when you are on websites? If not, look at your URL right now.
That green padlock means that the website you are currently on is using SSL and serving web content via HTTPS (the more secure version of HTTP). Google has been pushing this for about 2 years now, but starting today with the new Chrome 68, unsecured websites will have “Not Secure” as a prefix to the URL. As Google rolls out this next version of Chrome during the next week or two, you will start to see this more and more on the unsecured sites you visit.
Users trust Google when it comes to security, so this will surely affect your user experience and likely lead to a dip in traffic if not taken care of.
Why Make HTTPS Mandatory?
Unless you have lived under a rock for the past 3 years, you have undoubtedly heard of or been affected by one of the many cyber-attacks publicizing the personal information of millions.
As a result, cyber-security concerns have come front-and-center as society pushes toward a more secure internet. One of the ways this is happening is through the adoption of HTTPS.
When HTTP (HyperText Transfer Protocol) and its associated technologies were first invented back in 1989, it was revolutionary and created a universal standard for how messages are formatted and transmitted via the web. It was not, however, built with security in mind – specifically connection security.
When you are browsing the web via HTTP, all of the communication with the site is transmitted in plain text that can very easily be intercepted and stolen. While this may not be a huge concern when you are surfing the web for your next Netflix show (hint: it should be Comedians in Cars Getting Coffee), it is definitely a concern when using online banking or looking up healthcare information. Thus, HTTPS was born.
When you install an SSL/TLS certificate and migrate your website over to HTTPS, it creates an encrypted connection which stops the data from being intercepted. All they can see is something like this:
Not that useful.
What Does This Mean to Me?
Simple – HTTPS is no longer a ‘nice to have’, but mandatory. And it will only get worse if you don’t comply. Google plans to force your hand in future versions of Chrome with the warning turning a shade of red, then making the font bold. Before too long they will release a small goblin that runs around on your screen forcing users to chase it with their cursor to access the site at all. Not a great user experience.
There are many different Certification Authorities that can provide a valid certificate for your site, depending on your specific needs. Whether you get a free Domain Validated certificate or an Extended Validation certificate that showcases your organization’s name in the address bar, your site needs to be secured.
In addition to bettering the internet, securing your site is a positive search engine ranking indicator and increases customer confidence, thereby boosting conversion rates.
Whatever your reason, it is essential to get your site on SSL.