Our blog, about stories and business-focused news from the IT sector
With the expansion of online banking, home automation and much more, we need to pay ever more attention to online security. The last few years has seen a mammoth increase in Cybercrime. Criminals are also becoming cleverer in the ways they attack us.
Cyber crime isn't victimless. Even if the bank reimburses stolen money (and spreads the loss across all its customers and investors), identity theft can still be life-changing. And in business there is usually no protection at all: if you lose money through online deception, you won't see it again.
So it's probably fair to say that we have a responsibility to ourselves, our families, our employers and our businesses to do as much as we can to ensure that transactions on the internet are made as safely as possible.
We need to take increasing care when submitting data to websites. Even giving away simple things like an email address could allow a criminal to start a collection of your personal data, which might finish with them stealing your identity.
Since the start of online shopping we've been told to look for a "closed padlock" icon before sending our details to a website. It, and the protocol "HTTPS", show your data is encrypted en route. Even if someone intercepted your connection, unless they had extremely powerful computers (think GCHQ, CIA, NSA, etc.), it would stay inaccessible and safe.
Currently, the popular browsers, Google Chrome and Firefox, make it easy for us to know when we are visiting safe (and unsafe) sites.
As you can see, Chrome shows a closed padlock and the word "Secure".
Click the padlock for a confirmation message about the encryption (HTTPS) and security:
Firefox is a bit more terse:
If you visit a site that isn't using encryption (just HTTP instead), then Chrome will currently flag this with a warning icon instead (an "i" in a circle):
If you click on that, Chrome shows you more information about the site, a warning that the site is not secure*, and giving a list of all the cookies that the site uses and other, more technical information.
If you are browsing using Chrome's "Incognito" mode - hoping for a little more security and anonymity - then Chrome changes the message to something even more obvious (right):
Later this year, possibly early in 2018, websites that collect data (e.g. newsletter subscription forms) and that don't have a security certificate will also be flagged as insecure.
Fair warnings for business, too
All this is very good for users, as the big browers are coming down on the side of caution and lots of safety warnings, but it can easily become bad news for smaller web site owners.
Do you know where to get a domain security certificate and correctly install it? Can you set up your web server correctly to redirect all your web visitors to use HTTPS?
If you don't, or can't, then you will soon find you are rapidly losing "digital footfall", if browser warnings about your site drive people to look at your competitors!
Now is a very good time to conduct a security audit of your web site. And we can help.
We are specialists in web security and domain services, and Name Registrars in our own right. We pride ourselves in delivering good, solid and affordable advice and support.