Google Is Ready For a Secure Web — But Website Owners Aren’t There Yet
It has been a long time coming: Google’s next Chrome update is an important step to a safer web. As of the 1st of July, the search giant will start flagging all websites that do not use HTTPS to encrypt visitor data as ‘not secure’ in their browser. What will this change mean for the Internet?
Google has made no secret of its move towards a more secure web and their preference for websites with HTTPS encryption. Right now the Chrome browser already indicates that you are visiting a ‘safe’ website by adding the green padlock and a secure sign. Over the last year, the Internet company started its shift to marking unsecure websites as ‘not secure’ and it will now mark all websites that do not use HTTPS as such. This transition is part of Google’s strategy to help users expect that the web is safe by default.
Switching to HTTPS
So how do we make this low-risk Internet happen? For a website to switch from HTTP to HTTPS it needs to obtain a Secure Socket Layer (SSL) certificate. That certificate is installed on the web server and creates an encrypted connection between the website and its visitors. In turn, the data encryption makes it harder for bad actors to access the data that is being transmitted through the site. Your personal information such as address, credit card details and login credentials are thus more secure when you send it via an encrypted channel.
The Web Isn’t Ready
Google seems to think that this push will motivate website owners to get their certificate in place. A look at our data, however, tells us that isn’t happening yet. For more than 173 million websites that are currently in use, only 28 percent already has the required SSL certificate. That number is slowly increasing over the course of the year, but is nowhere near a fully secured web.
When we look at those websites that process privacy sensitive information the numbers get a little bit better: just over 37 percent has the HTTPS padlock on their page. There’s a similar increase as with non-privacy sensitive websites and it is a good sign for the Internet that the number of SSL certificates is on the rise.
What Happens Next?
Once the latest Chrome browser rolls out a large number of websites will receive the ‘not secure’ stamp. This will likely influence the way Chrome users browse the web: a warning when you visit a website that tells you the page is not secure hopefully makes you think twice about sending important information to it. But getting a ‘not secure’ warning will also influence whether the website is found, as Google gives higher Search Engine Optimization rankings to those that are fully secure.
Getting Your Own Certificate
As a website owner, you can get a HTTPS connection for your page in multiple ways. The easiest option might be to contact your hosting company or registrar — they often provide secure connections as part of their services. Alternatively, you can reach out to other Certificate Authorities for help. Need a more extensive explanation? This article will get you started.
Would you like more information on the use of SSL certificates on the web? Or other security measures? Contact us via firstname.lastname@example.org.