Tag: ssl

by graphedia

 

All of us here at Graphedia are conscious of security when it comes to using the Internet. They say that practice makes perfect, and we completely agree. That is why we are constantly improving on our techniques to practices to be bets at what we do. That’s how we can spot a dodgy site from a mile away. Yet, we understand that some of our customers and even our customer’s customers may not have the time to keep up with all the security changes that are going on.

We are not the only company who think this way, Google are also very proactive in protecting their customers from threats on the Internet. One of their latest protection ideas revolve around their web browser – Google Chrome. Beginning January 31st, they are making some subtle changes to the way Chrome recognises websites and how secure they are.

 

What Is An SSL?

SSL stands for “secure sockets layer” and is a form of security for sites that handle sensitive information such as customer names, phone numbers, addresses and credit card numbers. It creates a secure connection between a customer’s web browser and the server of the company they’re interacting with. Here’s an example. Let’s say you need to talk to your friend about some personal conflicts going on within your life. Would you rather talk to them in public where you run the risk of people overhearing you or would you rather have your conversation in private? An SSL gives the company and the customer the ability to communication and share information, in private.

 

What Changes Are Going To Be Made To Chrome?

On current versions of Chrome, when you visit a website without an SSL certificate you will see a very discrete exclamation mark beside the website address (picture below).

Current version of Chrome

This is not overly obvious to the end user, but changes being rolled out in version 56 are a little more obvious. As you can see from the below picture, the basic exclamation mark has morphed into a more obvious “Not Secure” message.

Proposed Version 56 of Chrome

Google are not stopping there, in future versions, they plan on making more changes to Chrome. One of those changes will see the new “Non Secure” message being made even more prominent by making it a bright red font to grab your attention.

Full warning in red font is planned for future upgrades

Will This Have Any Implications For My Website?

Yes, I’m afraid so – it will have implications for all websites that do not have an SSL certificate (only when users are using Google Chrome 56+). While your sites will continue to function normally, your users will see these security notices in their browser. Some users may choose to ignore them, but the fact of the matter is, everyone is concerned about security. This means that as time goes by, users will start to get uneasy when visiting your site and eventually avoid your site altogether.

 

Are There Any Major Benefits To Having An SSL Certificate?

Loads – absolutely loads.

  • End to End encryption
  • Prevents eavesdropping on user data (ISP’s, Not Nice Governments etc.)
  • Prevents man in the middle attacks and phishing attacks.
  • Should always be used when accepting credit cards.
  • Improves your SEO rankings in Google.
  • Improves customer trust.

 

Is There Anything I Can Do?

There sure is, but it will involve the obvious – purchasing an SSL certificate for your website.

Contact Niall here in Graphedia and he will fill you in on how to go about getting one for your website.

 

Source: Google Security Blog

Other Links of Interest

by graphedia

(The Interwebs Just Got Safer!!)

You know when you browse a website, you surf the net, you buy something online or just generally interact with websites? Well, have you ever wondered what happens to your personal data? Or how is it that marketers always know exactly which products you have been looking at and which ads to send your way?

Well, that is all done through … The Magic of Google Analytics.

Google Analytics is a Google product that essentially allows businesses to look at your interaction with their website and to check out how much time visitors spent on their sites, which pages they looked at, which products they browsed before eventually whipping out that credit card and making a purchase!

In the past, the communications between those businesses’ websites and Google Analytics was not always secure. Sites using HTTPS did benefit from secure (encrypted) communication between their website and Google Analytics, but those sites using HTTP did not and so personal data was not always secure.

Big Changes

However, that all changed last Wednesday when Google announced that they will now be securing all traffic communication of websites using Google Analytics, whether the website is HTTPS or not.

Google announced that “…with the increase in privacy related concerns we have made the decision to secure all communication to and from Google Analytics, protecting our clients, our client’s end users, and the broader internet”

So, What Does This Mean For You?

Well, for you, the end user (i.e. when you are browsing a website yourself) you can breath easy knowing that the data that is collected when you browse or interact with any website, either HTTP or HTTPS, is now encrypted and much more secure.

Essentially the inteweb is safer!

What Does This Mean If You Are A Business With A Website?

For you the business owner, this means two things:

  1. You can now tell your customers that their data is even more secure! Yay! Bonus!
  2. There is a downside, however for websites with SSL’s. Encrypted traffic is ever so slightly slower than unencrypted traffic and so you may see a slight increase in bounce rate – ie people not patient enough to wait an extra second before they leave your site! Did you really want them there anyway we ask you?

That’s about it.  We hope you found this little explainer blog useful.