Google is making a change to Chrome that could affect the security of your website.
In recent years, Google has been encouraging website owners to add SSL/TLS certificates to their websites. These certificates make websites secure and change the look of the address bar to include a lock icon and the word “Secure” in green text. Users will also see a web address that starts with “https://” instead of “http://” when they are on a secure website.
These certificates ensure that the data flowing between your web browser and the web server, is encrypted. Encrypted data is translated into code that is unreadable to anyone (or any machine) who may intercept the data in transit; the only way it can be decrypted is with a key that is accessible to just the intended recipient. That encrypted data flow means that any information submitted cannot be read by a random server or person on the Internet who may come across your communication.
A few years ago,Google began displaying a small warning (indicated by the letter “i” within a circle) in the Chrome browser’s address bar if a website is not secure. Since an unsecured website can pose a risk to users, Google wanted to nudge website owners to start using SSL/TLS. That encouragement has paid off; 81 of the top 100 most trafficked websites now use SSL/TLS to secure their website traffic.
Starting in July 2018, Google will up the ante a bit and change the informational warning about an unsecured website to include a “Not secure” label.
What does that mean to you and your website? Users need to feel confident that your website is safe and up-to-date on current best practices for security. If your website displays the “Not secure” warning, then it’s obvious to users that you are not properly maintaining your website and are not invested in the best possible experience for them. A “Not secure” warning, especially paired with a website that does not work well on mobile phones, will be a dead giveaway that your website and your business are not keeping up with the times.
If you don’t currently have a secure website, don’t despair! If you’re technically handy, it can be a DIY fix if you purchase an SSL/TLS from a provider like GoDaddy and install it on your website. Once it’s configured, you’ll need to make sure that all links to internal resources (e.g. images or other files) are referenced using the https:// URL, or a relative URL. Be sure that all requests to http:// URLs are automatically redirected to their https:// counterparts.
If you are not comfortable implementing these types of changes yourself and are not sure how to properly support your website, you might want to consider including a continual support plan in your service package. This will take care of the difficult technical details, leaving you with a secure website and peace of mind.