Read the weekly blog from our friends at Chill IT…..
As of Wednesday July 25th 2018, Google has begun rolling out Chrome 68, which flags all sites not served over the HTTPS scheme as being “not secure”.
This means that, without SSL, you are likely to lose customers from your website in an environment where hacking & digital fraud is a concern. To ensure your website is not negatively affected you will need an SSL certificate associated with your domain so it can be HTTPS secure and have the pad lock symbol ) to show it is a trusted website.
HTTPS means your website has a secure way for transmitting data. A SSL from a trusted certificate authority is encrypted end-to-end, ensuring the data communicated is always protected, while standard HTTP sites just send plain text during transmission.
A SSL certificate is extremely important both to protect you customer’s data, and your image; it guarantees content integrity and the ability to detect tampering. Google ratings already favour sites with https protocol in place.
Google is implementing harsher measures in the near future: Google Chrome version 70 is due for release worldwide in mid-October additional policy changes to SSL certificates.
The changes will mean some current SSL certificates will no longer be trusted in Chrome’s latest version; an error page will appear before the website can be viewed if no action is taken. Given the large number of sites affected we strongly suggest you contact your IT provider to ensure you site is not affected.
For those of a more technical nature here is more information of SSL Certificates:
What is a SSL certificate, and how does it work?
SSL (Secure Socket Layer) is a way to confirm your site is secure. Basically it is a digital passports providing authentication to protect the confidentiality and integrity of website communication with browsers.
The authentication process follows this steps:
- A browser or server attempts to connect to a website (i.e. a web server) secured with SSL. The browser/server requests that the web server identify itself.
- The web server sends the browser/server a copy of its SSL certificate.
- The browser/server checks to see whether or not it trusts the SSL certificate. If so, it sends a message to the web server.
- The web server sends back a digitally signed acknowledgement to start an SSL encrypted session.
- Encrypted data is shared between the browser/server and the web server.