This web site is insecure!
Published: 11 December 2017
This URL will be safe - but why?
With the expansion of online banking, home automation and much more, we need to pay ever more attention to online security. The last few years has seen a mammoth increase in cybercrime.
Criminals are also becoming cleverer in the ways they attack us.
Cybercrime isn't victimless. Even if the bank reimburses stolen money (and spreads the loss across all its customers and investors), identity theft can still be life-changing.
In business there is usually no protection at all: if you lose money through online deception, you won't see it again.
So it's probably fair to say that we have a responsibility to ourselves, our families, our employers and our businesses to do as much as we can to ensure that transactions on the internet are made as safely as possible.
We need to take increasing care when submitting data to websites. Even giving away simple things like an email address could allow a criminal to start a collection of your personal data, which might finish with them stealing your identity.
Being safer—what to look for
Since the start of online shopping we've been told to look for a "closed padlock" icon* before sending our details to a website.
That, and the protocol "HTTPS", show your data is encrypted en route.
A secure URL in the Chrome browser location bar
Currently, the popular browsers, Google Chrome and Firefox, make it easy for us to know when we are visiting safe (and unsafe) sites. As you can see, Chrome shows a closed padlock and the word "Secure".
Click the padlock for a more detailed confirmation message about the encryption (HTTPS) and security:
Firefox has a similar message, if a bit more terse:
If, you visit a site that isn't using encryption (just HTTP), then Chrome will currently flag this with a warning icon instead (an "i" in a circle):
For more detail, click on that round icon: Chrome then shows you information about the site, a warning that the site is not secure*, a list of all the cookies that the site uses and other, more technical information.
If you are browsing using Chrome's "Incognito" mode—hoping for a little more security and anonymity—then Chrome changes the message to something even more obvious (right):
Fair warnings for business, too
In 2018, websites that collect data (e.g. newsletter subscription forms) and that don't have a security certificate will also be flagged as insecure.
All this is very good for users, as the big browers are coming down on the side of caution and lots of safety warnings, but it can easily become bad news for smaller web site owners.
Do you know where to get a domain security certificate and correctly install it? Can you set up your web server correctly to redirect all your web visitors to use HTTPS?
If you don't, or can't, then you will soon find you are rapidly losing "digital footfall" when browser warnings about your site drive people to your competitors!
Now is a very good time to conduct a security audit of your web site. And we can help.
We are specialists in web security and domain services, and Name Registrars in our own right. We pride ourselves in delivering good, solid and affordable advice and support.
Call us on 01173 700 777 or email firstname.lastname@example.org to find out how we can help you secure and grow the Web part of your business.