Encryption hasn’t always been a standard on the Internet – in earlier days, most webmasters simply used HTTP, instead of the HTTPS format. HTTP means no encryption for the website. So all the private information- names, addresses, passwords, that are collected can be “heard” by any one “listening in”.
These days, many companies are moving to an encrypted traffic model. Here’s why.
Keeping Up with the Joneses
One of the most basic reasons why websites are moving to an encrypted traffic model is simply that everybody else is doing it. Recent statistics show big changes in the percentages of web pages loaded by common browsers, for example, Firefox, with secure connections.
A Credibility Question
Beyond just popularity, though, there are other reasons why companies are moving to encrypt traffic on the web.
One of the biggest reasons is that browsers themselves are moving to label unencrypted traffic more aggressively.
Google has made the change in Chrome, marking HTTP pages as “Not Secure.” That in itself makes executives think about the value of having web traffic protected with encryption.
Firefox has its own ramp-up of warnings planned as well. Both browser makers plan to mark all HTTP sites as non-secure in the future to get the whole web onto HTTPS.
Essentially, not moving to encrypted traffic can result in the browsers themselves scaring off your customers with intimidating warning signs. You’ve probably seen how browsers throw up whole page warnings for sites without a valid SSL certificate. Most companies can’t afford to have their visitors see warnings like that.
There’s also the issue of page ranking – Google is using HTTPS secure traffic as a ranking indicator. That means you might see a downgrading in site popularity if traffic is not encrypted.
Privacy for Users
When companies move to encrypt traffic on the web, they’re also protecting their users.
Unfortunately, most users might have the same password across multiple websites. That makes them more vulnerable – it means if their password is stolen on your site, and they use the same one for their online banking, their bank accounts may be in danger!
So in this case, even if it seems like the compromising of a user’s username and password on your site isn’t a big deal on its own, it is a great risk to users who have used the same username and password as credentials to their bank accounts.
With unencrypted traffic, others can see what people are doing on the web. For any substantially functional website, that can be a big liability. For example, if someone is researching medication or treatment for a chronic illness, or researching bankruptcy, they probably don’t want those things broadcast into the world. Basic encryption is a nice active safeguard for customers.
Cybersecurity – Circling the Wagons
Companies are also keenly interested in cybersecurity. Many experts call today the “age of cyber warfare,” with distributed denial of service attacks, drive-by downloads and other threats emerging on the horizon. Encrypted traffic helps to limit access to the website’s administrative accounts that hackers can use to compromise the site and the credibility of the site’s owner.
Is your website encrypted? Encryption doesn’t have to be a complicated and laborious process, and it has its own big rewards. Think about upgrading to an encrypted and secure model for your company’s website.
For help with your cybersecurity strategy and execution contact us at Fractional CISO. We’ll be happy to help you get on a path to better cybersecurity decision making.