The internet has changed beyond all recognition since its invention by Tim Berners-Lee, with more of us now relying on it for our banking, shopping, communication, and entertainment than ever before. As we move along this path of digital progress, now is the time that we should all make time to take stock and focus on security – and part of that is moving all websites from the traditional HTTP to the more secure HTTPS.
Banks, ecommerce websites, and online casinos, have long relied on HTTPS and the locked padlock shown in the browser address bar to assure their customers that their money and data are safe. But it is not just financial data that needs to be kept private and away from nefarious prying eyes – all your data should be secure, and that means all websites should be using the same security measures.
Nearly 30 years ago, when the internet was first developed, security was not a huge priority as few people were connected, and the data being shared tended not to be significant. That situation has changed. Our browsing sessions across the web as we move from reading the news to watching video streams, to chatting on forums, all leak data, which can be read by others.
Advertisers have long used these fragments of data to track people across the web and make sure that they are targeted by the most relevant ads, and leaks from WikiLeaks and Edward Snowden showed us that the security services are also always watching. But even if you are not concerned about these organisations seeing your online activity, then you should be concerned that hackers are doing exactly the same in the hope that at some point you share some information that is either interesting or financial lucrative to them.
Moving from HTTP to HTTPS does not create a panacea of perfect security for all, but with the advent of technologies like LetsEncrypt that makes it essentially free for websites to move to a secure connection, then the question starts to become – why don’t we all offer better security by default?
Luckily for users, Google has decided to use its digital dominance to push websites towards HTTPS by announcing that security would be a ranking factor in search results this year, and that HTTPS is required for users looking to take advantage of the search giants AMP project for faster-loading mobile views. To make sure users are aware of the issues posed by insecure connections, Chrome, the world’s most popular web browser, also started showing “Not secure” in the browser address bar of sites that do not use HTTPS.
The web is an evolving beast, and we should all periodically take some time to make sure that our own practices are both making the most of the technologies on offer, but also protecting ourselves from those looking to take advantage of us. Today’s technology to embrace is HTTPS.
Photograph by Negative Space