Superhero Blog

Spidey

Google’s New Security Changes and How They Affect Your Website

Google’s New Security Changes and How They Affect Your Website

Kapow Interactive - Wednesday, September 27, 2017

Do you have a website?

Does your website collect private information including contact details or credit card information?

Do you help manage a company website?

If you have a website, you may be affected by Google Chrome’s new security changes.

We strongly advise you read the IMPORTANT information about Google’s new security initiative and how it may impact your website and business.

Google’s Plan to Create a Secure Connection

Google Chrome has released an alert to all websites using HTTP connection that they will soon be marked as Not Secure.

For those who may have missed it, here it is:

“Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.

The new warning is part of a long term plan to mark all pages served over HTTP as “not secure””

You can read the full article via Google Chrome Blog:

Google Chrome Blog - Next Steps Toward More Connection Security

Google Chrome has already started marking HTTP webpages as non-secure from January 2017.

So What Does This Mean?

Google Chrome has started flagging all webpages that use HTTP as Not Secure.

HTTPS encrypted websites are being marked as Secure.

Example:

http://www.kapowinteractive.com.au (Not Secure)

https://www.kapowinteractive.com.au (Secure)

Google Chrome, along with a number of other Web Browsers such as Mozilla Firefox, Internet Explorer and Apple's Safari have also started marking HTTP webpages as Not Secure in an effort to create more secure browsing.

Safari has also started alerting visitors to some non-secure websites via pop-up warnings.

The Google Chrome browser displays HTTPS webpages with a Secure padlock icon.

Non-secure websites are displayed with an unlocked padlock icon.

Non-Secure Example:

 

 

Secure Example:


 

Google Chrome is currently the most popular choice of web browser, dominating the market share with over 56.8% of users preferring to use Chrome over any other browser [Source:w3counter.com, 2017]

 

Help! What is HTTP and HTTPS?

HTTPis the text at the start of a website address. HTTP stands for Hyper Text Transfer Protocol (HTTP).

Example: http://www.website.com

HTTP is a connection established between a Web Browser and a Server that allows data to travel to and from.

HTTPS stands for Hyper Text Transfer Protocol Secure. This means that all connections between the browser and server are Secure.

If your website address uses HTTP then Google Chrome will mark your website as non-secure ☹ (Naughty Google!)

How Can This Affect My Website?

ALL websites using HTTP will be effected by these changes.

“But I don’t collect customer information or credit card details on my website, will I be affected?”

Unfortunately the marking of non-secure websites is not limited to sites that collect private information. Google is planning to mark all HTTP websites in the near future, even the ones that don’t collect private information!

One common misconception about HTTPS is that the only websites that need HTTPS are those that handle sensitive communications. Every unprotected HTTP request can potentially reveal information about the behaviors and identities of your users.” [Source: Brightlocal, 2017]

So what are some of the ways this may affect your website?

 

1. Reduce Website Traffic

Websites marked as Not Secure can deter visitors from browsing on your website or may even stop them from entering the site all together.

Visitors may interrupt the non-secure icon as:

  • The website is not safe or secure to browse
  • A potential threat to computer security
  • Private contact details and credit card information are not secure and vulnerable to fraud
  • Distrust of brand and services

This could result in reduced website traffic and even impact on online sales.

2. Website Security

HTTP websites have a less secure connection between the web browser and server. This means the website is more susceptible to malware or hacking.

A HTTPS encrypted connection is more secure. This means private information and credit card details are less prone to spam or hacking.

3. Google Page Ranking (SEO)

There’s no doubt that many companies pay attention to their Google Page Ranking.

Although Google has not officially confirmed how secure HTTPS encryption will impact on Google rankings, Google has hinted that Secure websites have an advantage in search page rankings.

If Secure websites are favoured by online customers, website traffic will increase and can result in a higher Google ranking.

How Can I Secure My Website?

An SSL Certificate can be installed on a website to provide a HTTPS Secure connection.

SSL stands for Secure Sockets Layer. It’s a form of encryption that allows messages to be sent from a webpage to a server securely.

An SSL certificate can be installed on a website by a web developer.

When an SSL Certificate is installed on a website, all browsers will display a secure icon in the address bar.

What Does It Cost to Secure?

There are three options for SSL Certificate installation; 1 Year, 2 Year or 3 Year Renewal.

The cost of SSL Certificates can vary, depending on the installation process and the complexity of the install.

There are many Third Party online suppliers that sell SSL Certificates ranging anywhere from $1-$1500 depending on the type of website and the level of insurance required. Some suppliers also include ongoing management and technical support.

Before purchasing an SSL Certificate, always speak to your Website Developer to see if the SSL Certificate is compatible.

Please Note - Third Party SSL Certificates are not available for all websites.

For example: If your website is hosted by Kapow Interactive, we can supply an SSL Certificate.

Some Kapow websites can have Third Party Certificates installed however Kapow BC websites are not compatible.

Third Party Certificates can be more difficult to install, causing a significantly higher cost to the client.

Kapow Prices:

We have included the cost of the certificate, installation and ongoing support in one price as below:

  • 1 Year Renewal SSL Certificate & Installation - $260 + GST
  • 2 Year Renewal SSL Certificate & Installation $410 + GST
  • 3 Year Renewal SSL Certificate & Installation $560 + GST

2 or 3 Year renewals only include one installation price.

Please Note: If the installation process exceeds over 1hr of Kapow production time, additional charges may apply. Kapow Interactive will notify you if additional charges apply. 

If you would like to Secure your website, please call Kapow Interactive on 07 4946 7735.

Do you have a question or want to know more about Google's Security Changes?

We can help, please give us a call.

Not sure whether to Secure your website? Read up on these articles:

Google - Check if a site's connection is secure

Switching to HTTPS: Is it really worth it?

3 Reasons You Should Add HTTPS to Your Local Business Website