24 B Dick St, Cambridge

Mon- Fri: 08:30–17:00
07 827 7119

24 B Dick St, Cambridge

http vs https and all the annoying security notifications

You might have noticed recently, especially if you have good antivirus software, that half the pages you visit online are now prompting notifications that the site is not secure. The reason for this lies in the address bar. If you look at the page you’re on right now you should see a little https at the start of the address. This stands for Hyper Text Transfer Protocol Secure, and it’s the ‘s’ for secure that we’re interested in here. These sites encrypt the communication between your browser and the site, as opposed to http sites which do not. That happy little ‘s’ is the way that you can tell that a site is safe for you to use.

Recently though, this issue has been making me less happy. In July this year Google Chrome released an update which actively identifies http sites as ‘not secure’. This is then picked up on by your security software and that’s why you’re receiving these notifications. The idea is to encourage sites which still have http to upgrade to https. And so they should. I think we’re entitled to good security as we go about our business online.

There is not much we can do about these notifications in the meantime. It will be up to the individual owners of the various websites to upgrade to https. Here is my advice for internet users:

1 – Continue to use good security software – we recommend ESET. The importance of security is worth the extra hassle in the interim

2 – When one of these notifications appears you have the option to ‘allow’ or ignore it, however you should take a second to consider whether what you’re doing on the site requires security. The worst-case scenario is that your data could be intercepted by a third party so if you’re just browsing the site then fine but if you’re entering any details, your credit card number, a password, or your personal details then security is very important. Most sites which ask for these things should be https, if a site you’re using is not then you should be asking why not.

 

For Website Owners:

I’ve had the opportunity recently to check out the websites of many Cambridge businesses and I’ve found that a lot of them are still http. It will be disconcerting for your customers to receive a security notification when visiting your site. In this age of (justified) online suspicion that’s the last thing you want associated with your business. Our advice is to talk to your website developer about upgrading to https.