Dealing with SSL Deadlines and Security
The Sprocket Report
July marks another deadline for your website – that’s the When. Discover the Who, What and Why you need to deal with this security issue NOW.
The Who is Google and here’s a very brief recap of the relationships for those of us who don’t live in the tech world:
- Google is the most popular search engine in the world, accounting for 75% of the total search engine market. While that’s not ALL the traffic, it is a whopping huge amount.
- The web browser Chrome is a development of Google’s. Other popular web browsers include Firefox, Safari, Internet Explorer and Edge, but Chrome is positioned to continue increasing its share of the market.
- In a very unofficial survey, Sprocket looked at the browser reports of our own clients’ Analytics. Chrome accounts for about 50% of the traffic.
- The newest version of Chrome, Chrome 68, is now being released.
- Google has warned that along with the Chrome 68 release in July, Google search engine results will start showing websites as “not secure” if they do not have an SSL certificate installed.
- Your website is the same as it was last month, but now Google will warn your prospective customers that your site has not been secured with an SSL certificate.
- Because we all have to protect ourselves from the people who find it lucrative to hijack websites. We have seen an avalanche of security fixes in the news lately from Facebook to GDPR, and Google is among those trying to make our digital world safer.
- Even though you may not collect sensitive information like credit card numbers on your website, being labeled “not secure” is not a welcoming message for your site’s visitors.
- The “not secure” designation also impacts your website’s ranking in search results.
What to Do:
- Secure your website with an SSL certificate. You will need to do a little work of your own and get a little technological help as well.
- Start by confirming what your security needs are. Ecommerce, forms and similar requests for information obviously need more security than a blog or news feed.
- If your security needs are minimal, there are free SSL options such as Let’s Encrypt. These are stripped-down certificates that cover the basics.
- For additional validation levels, sub-domains, warranties and support, you’ll want a paid SSL certificate. One place where you can get SSL products is at our own Sprocket Store.
- Whether you buy an SSL certificate or go with the free option, installation and testing of the SSL to be sure your entire website has been secured is best done by a tech professional. Expect the work to take an hour or two for a simple website. Obviously, the more complex your site is, the longer it will take to complete.
If you’ve been putting this task off, it’s really time to get it done already. Talk it over with your web tech and avoid the “not secure” label.
No web tech? Certainly give us a call – we’re happy to help!