So you are surfing the internet on a bright sunny day. The kids are playing in the back yard with Bucky the Golden Retriever and your wife is in the kitchen baking cookies. All is good with the world – if Norman Rockwell was around this could have been his next American Classic – “Dad On The Internet”…
You go to the same website you have been going to the for the last 3 years but as soon as you get there a big warning message takes over your screen “WEBSITE NOT SECURE”. Bang the Norman Rockwell scene vanishes from your home in a matter of seconds. The dog goes nuts and there is a burning smell coming from the kitchen as a shadow falls across your computer screen.
THE WEBSITE IS NOT SECURE – so what does that actually mean?
For the average user on the internet a warning that the website is not secure is the END OF THE SESSION on that website. It doesn’t matter if there is a good explanation or not for this warning – it simply stops the user in their tracks as the fear of what could happen simply supersedes any need to use a website.
For Google it will mean that the website is not using an encryption connection which in plain English means the session between your computer’s browser and the server where the website resides is potentially accessible to other parties who could access your valuable information (or not so valuable information) pending what you are doing on this website. Please note the word “potentially” and this potential risk could be high (OR) low pending where you are accessing the internet. If you are on an open public network you probably have more chance of your information being intercepted than on your business or home secured wi-fi. Keep in mind we have been accessing non-secure website since the web was invented – but of course with no warnings.
We have also used encryption on websites before in particular when we check out of an online shop. Several of the websites we manage are encrypted completely (no matter where you go on the site the data is encrypted) but quite a few websites we manager have secure server but it only engage it for checking out of a store or sending sensitive data. (as that is obviously the most important data to keep secure). Unfortunately this will not satisfy Google’s new plans.
So I need a Secure Server Certificate to Secure My Website?
Secure Server Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. (Boring as crap I know but you have all seen the Gold Padlock before indicating you were secure)… Currently unless a call goes to a Secure Server Certificate that has expired (or is not working correctly) you would not be told the website’s connection is not secure…
GOOGLE IS ABOUT TO CALL OUT ALL WESBSITES THAT ARE NOT SECURE!
BUT that all changes in 2017 when Google will start calling out all websites that are not secure. That means ANY website that is not running secure server certificate on ANY page on that website is going to produce this warning flag. It is actually going to be chaos in my opinion as so many websites will not be secure according to Google. But regardless of the initial chaos I have no doubt that the users will stick to current behavior and not use any site that is flagged as not secure and no doubt any of the website that are fully secure will gain more traffic in the short term (as everyone else catches up).
Bear Web Design’s own website has been secure server certificate fully for several years now (actually setup in relationships to PCI Compliance – a credit card / banking requirement). Unfortunately there is an annual cost to having a certificate, updating the certificate to the website and then making the website fully secure in all calls. Based on what we see coming we will be contacting all our clients to identify those costs and the timing involved in adding the secure server certificate to their website before 2017 to make sure they don’t lose traffic (and maybe) gain some web traffic in 2017!
If you have any questions about this new initiate of Googles please contact me or call me at 615 504-6845 and I would be glad to discuss and provide help if needed!