A Guide To SSL Changes – What It Means For Your Website
In today’s ever-changing online landscape, it’s crucial that companies Google’s best practices to make sure that they stay competitive in their respective online markets. With Google being the most commanding and influential company on the web, it’s indispensable for them to keep abreast of all the threats and opportunities that the internet produces. Hence, Google releases a variety of updates annually: new features, bug fixes, and the majority relating to the very secretive Google search ranking algorithm.
What’s important though, is that all online providers that use Google-related services (basically every online enterprise), are aware of significant changes that may impact their SEO, performance, and ultimately their bottom-line. The internet is in a continual state of change, so online companies have to be flexible and comply with new Google updates as soon as possible to ensure they aren’t adversely affected by these new releases.
The most significant Google update that has recently affected online companies pertains to Google Chrome v62, which was released in October this year. The Google Chrome web browser is used by virtually 50% of all online users, so it’s incredibly important that online providers implement the related changes as quickly as possible if they intend to reduce any unwanted consequences.
What has changed in Google Chrome v62?
In the Google Chrome v62 update, Google has changed the way in which it marks non-secured (HTTP) pages. If a non-secured (HTTP) page keeps passwords and credit card information (which is saved in a plain text file), they are vulnerable to phishing sites that can basically steal this information from customers that falsely believe they are supplying their personal information to a genuine business. The Google Chrome browser will start marking any text input field and web address bar as ‘NOT SECURE’ for HTTP pages.
This change will naturally have a bearing on millions of websites around the world. Before the change, many non-secured websites weren’t impacted by phishing attacks simply because they didn’t have a public-facing member login, and chose PayPal or other offsite payment processors to accept online payments. Now, however, all websites will need to start securing their web pages since users will become afraid of succumbing to harmful attacks if they enter personal information into fields marked boldly as ‘NOT SECURE’.
How to make web pages secure?
For online providers that would like to secure their previously non-secured (HTTP) web pages, they must encrypt the information being imparted between their visitors and their web server by integrating an SSL certificate. Google are naturally pushing for a more secure internet than ever before, and they’ve picked SSL encryption as a vehicle to do this. For website owners who want to enable HTTPS on their web servers, here is a useful guide: https://developers.google.com/web/fundamentals/security/encrypt-in-transit/enable-https?hl=en. The following link is an additional guide on how to avoid the ‘NOT SECURE’ warning in Google Chrome which is aimed at website developers: https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn.
What this means for online businesses?
The recent Google update implies that HTTPS and SSL encryption will become the norm across all web pages online. Eventually, each online enterprise will need to secure their web pages using SSL encryption whether they like it or not, or users will simply go for a competitor that does.
What this also means is that not all websites using SSL encryption should be trusted, and there will be a consequential increase in phishing sites using HTTPS also. Phishing sites can simply use fictitious SSL certificates to bypass the ‘NOT SECURE’ warning by Google Chrome and make their websites appear valid. This will make the distinction between phishing sites and real websites more difficult than ever. Online firms that use an Extended Validation Certificate (EV SSL) will be the most trusted websites on the internet considering that it will be remarkably difficult for phishing sites to emulate the authenticity that EV SSL provides.
Making all websites utilise SSL certificates to prove their authenticity will only increase the amount of phishing sites that do the same. At the end of the day, however, SSL encryption will ultimately become mandatory, so if you need any support in securing your website with SSL encryption, get in contact with the digital specialists at Internet Marketing Experts Kalgoorlie by phoning 1300 595 013, or visit their website for additional information: http://internetmarketingexpertskalgoorlie.com.au