A Guide To SSL Changes – What It Means For Your Website
In today’s ever-changing online environment, it’s important that businesses Google’s best practices to ensure they stay competitive in their respective online markets. With Google being the most commanding and influential company on the net, it’s vital for them to keep up with all the threats and opportunities that the internet generates. Accordingly, Google releases a multitude of updates each year: new features, bug fixes, and the majority associated with the very secretive Google search ranking algorithm.
What is necessary though, is that all online businesses that use Google-related services (literally every online organisation), recognise extensive changes that may influence their SEO, performance, and ultimately their bottom-line. The internet is in a perpetual state of change, so online enterprises need to be versatile and accustom to new Google updates as soon as possible to make sure they aren’t negatively affected by these new releases.
The biggest Google update that has recently had a bearing on online businesses relates to Google Chrome v62, which was released in October this year. The Google Chrome web browser is used by close to half of all online users, so it’s incredibly important that online firms implement the appropriate changes as swiftly as possible if they hope to prevent any unwanted repercussions.
What has changed in Google Chrome v62?
In the Google Chrome v62 update, Google has modified the way in which it marks non-secured (HTTP) pages. If a non-secured (HTTP) page stores passwords and bank card information (which is saved in a plain text file), they are vulnerable to phishing sites that can essentially steal this information from users that wrongly believe they are supplying their personal information to a legitimate business. The Google Chrome browser will begin marking any text input field and web address bar as ‘NOT SECURE’ for HTTP pages.
This change will evidently affect millions of websites around the world. Before the change, many non-secured websites weren’t impacted by phishing attacks simply because they didn’t have a public-facing member login, and chose PayPal or other offsite payment processors to accept online payments. Now, however, all websites will need to start securing their web pages given that users will become worried of falling victim to malicious attacks if they enter personal information into fields marked boldly as ‘NOT SECURE’.
How to make web pages secure?
For online enterprises that wish to secure their previously non-secured (HTTP) web pages, they will need to encrypt the information being exchanged between their clients and their web server by incorporating an SSL certificate. Google are obviously pushing for a more secure internet than ever before, and they’ve opted for SSL encryption as a vehicle to do this. For website owners who wish to enable HTTPS on their web servers, here is a practical guide: https://developers.google.com/web/fundamentals/security/encrypt-in-transit/enable-https?hl=en. The following link is an additional guide on ways to avoid the ‘NOT SECURE’ warning in Google Chrome which is targeted at website developers: https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn.
What this means for online businesses?
The recent Google update implies that HTTPS and SSL encryption will become the norm across all web pages on the web. Eventually, each online company will have to secure their web pages using SSL encryption whether they like it or not, or users will simply choose a competitor that does.
What this also signifies is that not all websites using SSL encryption should be trusted, and there will be a notable increase in phishing sites using HTTPS also. Phishing sites can simply use false SSL certificates to evade the ‘NOT SECURE’ warning by Google Chrome and make their websites appear genuine. This will make the differentiation between phishing sites and real websites more complicated than ever. Online firms that use an Extended Validation Certificate (EV SSL) will be the most trusted websites on the web considering that it will be exceedingly difficult for phishing sites to imitate the authenticity that EV SSL provides.
Making all websites use SSL certificates to validate their authenticity will only increase the number of phishing sites that do the same. At the end of the day, however, SSL encryption will inevitably become compulsory, so if you need any help in securing your website with SSL encryption, get in touch with the digital specialists at Internet Marketing Experts Darwin by calling 1300 595 013, or visit their website for further information: http://www.internetmarketingexpertsdarwin.com.au