Impact of Chrome 68
On July 24, Google began rolling out Chrome 68, which has a major impact on small business websites. The new update marks all HTTP sites as Not Secure to ensure internet users can easily recognize whether sites are safe or not. That means that Google’s browser now prominently displays a “Not Secure” warning flag next to a domain name in the address bar if the site is not secured with HTTPS. Further inspection will reveal a warning to the user that they should refrain from entering any personal information into the site for risk of attackers stealing their data.
In an effort to drive the world toward a more secure global internet, Google Chrome began marking all HTTP web pages with forms as insecure last year, as well as HTTP sites opened through an incognito window. In just a year’s time, such a small change pushed 68 percent of Android and Windows traffic and 78 percent of Chrome OS and Mac traffic toward HTTPS. Now, 81 of the top 100 sites are using HTTPS by default.
The changes have a negative impact on owners of HTTP websites – many of whom are small businesses, where a “not secure” warning could drive potential customers and revenue away from their sites. With about 60 percent of all internet traffic utilized through Google Chrome, a change like this affects many small businesses.
While HTTPS everywhere is good for the larger internet, this change is concerning for small businesses and individuals that don’t understand the nuances of security. Even with all the best intentions, a new label that says “Not Secure” on a small businesses’ websites may hurt a company’s reputation. Small businesses will be forced to explain what “secure” means to their customers, if given the opportunity at all, and explain why they don’t conform to it, even if they do using other controls. It may also cause customers to hesitate using the site, potentially driving business away. Thankfully, this can be solved by adding an SSL certificate.
Importance of SSL Certificate
While Google Chrome 68 requirements might not sound like a big deal for website owners that do not process payments or ask for information, the truth is all websites need HTTPS encryption and every website can benefit from an SSL. In fact, if you do not currently have an SSL installed on your site, you are already missing Google’s automatic search ranking boost from back in 2014. In addition, Google de-prioritizes HTTP sites. With an SSL installed, your site will have access to powerful API tools that users have come to expect in responsive websites, such as geolocation and audio/video streaming. SSLs also unlock a significant performance boost by allowing your site to operate over HTTP/2, which by itself has the capability to improve your load times by up to 40 percent!
An SSL shows legitimacy and professionalism by ensuring your users feel protected while browsing. No website is too small. No data is worthless. And installing an SSL could not be easier with the number of options you have for getting the job done!
Ways to secure your website:
- Acquire an SSL at cost and install it on your website.
- Acquire your SSL free from Let’s Encrypt and install it to your hosting account manually. This DIY approach requires shell access to your hosting account, and a basic understanding of shell commands.
- GoDaddy offers a one-click SSL certificate install for sites that are hosted with us. Our Managed SSL service will install, configure and maintain your SSL certificate for you. We ensure all of your site pages are correctly deployed with SSL to avoid mixed content errors. Plus, we take care of ongoing SSL maintenance and renewal so you don’t need to lift a finger.
Authored by:
Tony Perez is the General Manager and Vice President of GoDaddy’s Security Product Group. He is responsible for managing GoDaddy Security, Sucuri, and Media Temple Security brands. Tony leads a diverse and global team spanning over 20 countries from sales agents to software engineers. As a two-time business founder, Tony combines his understanding of the needs and concerns of small businesses with his expertise in cyber security products and services. Previously, Tony was the Vice President of Product Management for Sucuri under GoDaddy, Co-Founder, CEO, and COO of Sucuri Inc., Co-Founder and COO of CubicTwo LLC, and served as a US Marine.