A Guide To SSL Changes – What It Means For Your Website
In today’s ever-changing online environment, it’s crucial that businesses keep up to date with Google’s best practices to ensure they continue being competitive in their respective online markets. With Google being the most powerful and influential company on the internet, it’s necessary for them to keep up with all the threats and opportunities that the internet generates. For this reason, Google releases a myriad of updates yearly: new features, bug fixes, and the majority associated with the very secretive Google search ranking algorithm.
What is necessary though, is that all online suppliers that use Google-related services (literally every online business), are aware of significant changes that may alter their SEO, performance, and ultimately their bottom-line. The internet is in a consistent state of change, so online businesses have to be versatile and comply with new Google updates as soon as possible to make certain they aren’t negatively influenced by these new releases.
The most significant Google update that has recently affected online providers relates to Google Chrome v62, which was released in October this year. The Google Chrome web browser is used by virtually half of all online users, so it’s really important that online businesses implement the appropriate changes as quickly as possible if they intend to reduce any negative outcomes.
What has changed in Google Chrome v62?
In the Google Chrome v62 update, Google has reformed the way in which it marks non-secured (HTTP) pages. If a non-secured (HTTP) page stores security passwords and credit card information (which is held in a plain text file), they are vulnerable to phishing sites that can potentially steal this information from customers that wrongly believe they are providing their personal information to an authentic business. The Google Chrome browser will start marking any text input field and web address bar as ‘NOT SECURE’ for HTTP pages.
This change will certainly have a bearing on millions of websites across the globe. Before the change, many non-secured websites weren’t affected by phishing attacks simply because they didn’t have a public-facing member login, and employed PayPal or other offsite payment processors to accept online payments. Now, however, all websites will need to start securing their web pages given that users will become worried of succumbing to harmful attacks if they input their personal information into fields marked boldly as ‘NOT SECURE’.
How to make web pages secure?
For online enterprises that would like to secure their formerly non-secured (HTTP) web pages, they must encrypt the information being imparted between their consumers and their web server by integrating an SSL certificate. Google are evidently pushing for a more secure internet than ever before, and they’ve opted for SSL encryption as a vehicle to do this. For website owners who wish to enable HTTPS on their web servers, here is a convenient guide: https://developers.google.com/web/fundamentals/security/encrypt-in-transit/enable-https?hl=en. The following link is an additional guide on ways to avoid the ‘NOT SECURE’ warning in Google Chrome which is intended for web developers: https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn.
What this means for online businesses?
The recent Google update shows that HTTPS and SSL encryption will become the norm across all web pages on the web. Sooner or later, each online enterprise will have to secure their web pages using SSL encryption whether they like it or not, or users will simply decide on a competitor that does.
What this also means is that not all websites using SSL encryption should be trusted, and there will be a considerable increase in phishing sites using HTTPS also. Phishing sites can simply use false SSL certificates to circumvent the ‘NOT SECURE’ warning by Google Chrome and make their websites appear legit. This will make the distinction between phishing sites and real websites more difficult than ever. Online providers that use an Extended Validation Certificate (EV SSL) will be the most trusted websites on the web considering that it will be exceptionally difficult for phishing sites to copy the authenticity that EV SSL provides.
Making all websites utilise SSL certificates to verify their authenticity will only increase the number of phishing sites that do the same. At the end of the day, however, SSL encryption will at some point become mandatory, so if you need any support in securing your website with SSL encryption, reach out to the digital specialists at Internet Marketing Experts Mildura by phoning 1300 595 013, or visit their website for further information: https://internetmarketingexpertsmildura.com.au