Make sure that your company’s website has a secure connection: Google Chrome will label HTTP websites as non-secure starting from July 2018

Google continues encouraging website owners to migrate to a secure data transfer protocol (HTTPS) – the next stage of the campaign is scheduled for this summer. If the connection to a website is not encrypted, then from July 2018, users of Google Chrome web-browser will see a notification in the URL bar on all the pages of the website. This will affect any website, corporate or private, no exceptions.

Should you concern with getting a security certificate (SSL) for your websites? Let’s look at some statistics: according to netmarketshare.com the share of Google Chrome web-browser users is 61.41% (for PCs / laptops) as of January 2018 – meaning that some of these users are likely to negatively perceive the message about the absence of a secure connection while browsing a website. This summer the browser warning about the absence of HTTPS won’t look so noticeable, however, in the future, Google promises to make it more aggressive.

Back in 2015, developers of another widely used web browser Firefox also announced their plans on gradual deprecating non-secure HTTP web pages. There’s a high chance that other popular web browsers will join this trend.

We do not recommend checking in practice how website visitors will react to the message about an unprotected connection and advise you to think about moving all your websites (both business and personal) to HTTPS in advance if you are still using HTTP – this can be done by your IT specialists responsible for website support.

What is a secure connection?

Yandex explains how HTTPS connection works really simply:

Imagine that you want to transfer something to another person. You put it in a box and send it. To prevent stealing from the box or fiddling with its contents you put a lock on it. The box gets delivered, but there’s no way to open it – the addressee doesn’t have a key. So this person hangs another lock on the box and sends it back to you. You get a box with two locks, take your own off – now it’s secure – and send to the addressee again. The addressee finally gets a box with their own lock only, opens it and takes out what you sent. This is basically how HTTPS connection between a user’s browser and a web server is carried out.

In practice, HTTPS connection means that no one will be able to redirect you to a malicious website or tamper with the content of the web page you are viewing. Any input fields a web page visitor may fill (passwords, credit card number, phone number) are also protected in the case of HTTPS connection – it won’t be possible for hackers to intercept this data.