Posted on Tuesday, April 17, 2018
This summer Google take the next step in upping their security standards. Below one of our developers runs through these changes and what they mean to your website.
July will mark the culmination of Google’s initiative to “move towards a more secure web” when it will release its latest version of their browser, Chrome 68. Over the last two years the San Jose based company has been focusing on “making the browsing experience a safer one”, by encouraging web publishers to adopt secure HTTPS encryption.
Google has slowly tightened its criteria as to what it deems a secure website, it started by highlighting unencrypted sites that required password or credit card data. This was later extended to any type of data input, such as contact forms and in a few short months it will enforce its broadest definition yet, with all HTTP served websites deemed unsecure.
Visitors to a website will see these warnings in the address bar where it will be marked “Not secure” in Chrome’s “omnibox”.
Proposed warnings in the Chrome browser as illustrated in Google’s February 2018 security blog.
There is some industry debate as to how conspicuous these flags may be, whether they will be red with a warning sign is certainly a possibility.
Prominent warning signs were hinted at as early as the start of Google’s initiative in September 2016.
What cannot be ignored is the potential impact it will have on traffic to a site, Google has a commanding browser market share, which is over 50% worldwide. Their influence on web browsing behaviour has far reaching consequences.
A website that is perceived as being ‘untrusted’ in this current climate could have detrimental ramifications, including:
Many companies will inevitably need to upgrade to stay relevant anyway, as leading web publishers are pushing towards HTTPS encryption independently. Late adopters may find themselves struggling to do so in such a short period of time now that Google has imposed their July deadline.
The first step to making a secure website is to obtain a SSL certificate which needs to be installed on the hosting server, this allows for the switch from HTTP to HTTPS.
This is not however the only steps that need to be taken into consideration, ‘mixed content pages’ where resources that still load using HTTP will need to be changed. Conducting a full site audit to insure a comprehensive conversion process is advisable.
Securing a site can be quite daunting and an involved process, following best practices and the sheer logistics of the task to hand can be challenging especially for larger websites.
At Miramar we have been supporting our clients, offering a full conversion service which includes, acquiring and implementing trusted SSL certificates, HTTPS implementation, resource link redundancy and strategic role out.
As Google makes the web a safer place to browse the internet, consumer trust will become a de facto requirement over the success of any website. That time is fast approaching, is your website ready?
Tell us what you need and one of our experienced team will get straight back to you to discuss your objectives and how we can help you achieve them.
Chat to us
