Data delivered over an unencrypted channel is insecure, untrustworthy, and can easily be intercepted. We owe it to our users to protect the security, privacy, and integrity of their data — all data must be encrypted while passing over the internet or at rest on a server.

  • HTTP has become central to today’s way of life. HTTP is currently the primary protocol for applications used on computers, tablets, smartphones, and many other devices.
  • As our dependency on the internet has grown, the risk to users' privacy and safety has grown along with it.
  • Every unencrypted HTTP request reveals information about a user’s behavior, and the interception and tracking of unencrypted browsing has become commonplace.
  • Today, there is no such thing as non-sensitive web traffic, and public services should not depend on the benevolence of network operators.
  • When properly configured, HTTPS can provide a fast, secure connection that offers the level of privacy and reliability that users should expect from government web services.

Why use (https://) Privacy and integrity on your website?

  • By using private connections by default, changed expectations make everyone safer.
  • By using your HTTPS on your site you will be ranked higher on the main search engines of Google, BING and Yahoo.
  • By always using HTTPS, web services don’t have to make a subjective judgment call about what’s “sensitive”. This leaves less room for error, and makes deployment simpler and more consistent.
  • Widespread use of HTTPS also means that clients can begin assuming HTTPS with more confidence. Attacks designed to track large quantities of unencrypted traffic become less attractive.
  • Web browsers can begin displaying HTTPS connections as normal, and HTTP connections as non-secure. HTTPS validation failures can become more strict, reducing the effectiveness of phishing and user error.
  • These changed expectations improve the security of HTTPS on every website. In other words, protecting less sensitive sites strengthens the protections of more sensitive sites.

HTTPS is the internet’s next phase

The internet’s standards bodies, web browsers, major tech companies, and the internet community of practice have all come to understand that HTTPS should be the baseline for all web traffic.

The W3C’s Technical Architecture Group has found that the web should actively prefer secure connections and transition entirely to HTTPS.

The IETF has said that pervasive monitoring is an attack, and the Internet Architecture Board (the IETF’s parent organization) recommends that new protocols use encryption by default.

The Chrome and Firefox security teams are working on gradually marking plain HTTP as non-secure. Ultimately, the goal of the internet community is to establish encryption as the norm, and to phase out unencrypted connections.

Investing in HTTPS makes it faster, cheaper, and easier for everyone. Many of the advancements of the last several years have come from major institutions and technology companies committing to migrate websites and services, improving the status quo, and contributing their improvements back to the public.

The more Business and Corporate websites and services that join the transition to an encrypted internet, the smoother and faster it will be.

To Check the HTTPS performance on your site visit Qualsys SSL Labs

Random Strong Password Generator

Need a Strong Random Password Generator? Check out the new Progressive Web App (PWA). Works Great on Mobile, Tablet or your Desktop!