Starting in Google will mark websites that do not have a secure (HTTPS) connection as unsafe. In Google Chrome, websites with a valid SSL certificate will be provided with a security warning. Google announced this in February.
As you can see in the image above, Chrome will provide websites that still use HTTP in the address bar with the message “Not secure”. Your Dutch visitors will see a message like “Not safe” or “Insecure”. Fortunately, many websites have already switched to HTTPS. According to Google, (in February) 68 percent of traffic for Android and Windows users ran via HTTPS. For Chrome OS and Mac users, this was 78 percent! In addition, 81 of the top 100 websites switched to HTTPS. Unfortunately, there are still (too) many websites that still use the less secure HTTP connection.
Now switch to HTTPS
This is the time to switch to a secure HTTPS connection if you have not already done so. Do you have a WordPress website? Then it is fortunately relatively easy to install an SSL certificate (free of charge) and to make all traffic go via HTTPS.
What is HTTPS?
Anyone who has ever used a browser has seen that there is “HTTP://” in front of a URL. HTTP stands for HyperText Transfer Protocol. This is the protocol for communication between, for example, a browser and a server. This protocol has been used for a long time on the “world wide web”, but also on local networks.
HTTPS stands for HyperText Transfer Protocol Secure. So it is actually an extension of the HTTP protocol, in which the communication between the user and the server is encrypted. For example, outsiders such as ISPs or employers cannot “eavesdrop on” this communication.
The image below (from TipTopSecurity ) clearly shows the difference between HTTP and HTTPS. As you can see, data is sent via HTTP “as is”: usernames and passwords can be copied literally. That is quite a risk if you use a public WiFi network. When these same data are sent via HTTPS they are “unreadable”.
But why is it so important that you use HTTPS? Previously, HTTPS was only used for traffic that had to be encrypted. For example, it has already been legally obliged to send sensitive data via a secure connection. Meanwhile, HTTPS is increasingly becoming a requirement for new features in browsers.
But even if you do not collect (or think about) collecting data on your website, HTTPS helps to prevent ‘intruders’ from getting the data that is sent between you and your users. This way, HTTPS can also prevent ads from being displayed on your website when people use free WiFi in hotels, for example.
Privacy and security
HTTPS ensures that all communication between your website and your visitors is encrypted. That way nobody can “listen in”. An example that Google gives is an employee who searches for medical information on his work computer. An employer can monitor your browser activity and collect sensitive information about his employees. An encrypted (HTTPS) connection makes this a lot more difficult for the employer.
Besides the fact that HTTPS also makes your website more secure, a green bar in the browser ensures that your website (and therefore your organization) looks much more reliable. Certainly, if Google will mark websites without HTTPS as “unsafe” later, websites that do not (yet) use HTTPS will be a lot less reliable. The chance is then a lot smaller than a visitor completes your contact form. Collecting data without encrypting the connection is also not permitted. Also, read our article about the GDPR.