It’s Official: Your Website NEEDS to Use HTTPS

HTTPSYou may have noticed many business websites now have a green padlock in the address bar next to the letters ‘https’. Until recently, you would have only see that on shopping or banking sites, but it is now become the expected norm for all business websites – even if you don’t need users to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent and / or received by the visitor is encrypted.

Clearly, this is an essential feature for e-commerce sites, but why have all the info-only websites started using https too?

The New Google Rule

As of July 2018, Google will mark your website as insecure unless you use https. It is a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, business websites have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That is why eighty-one of the top 100 sites online have already switched to https and a very large majority of others are following suit.

The Browser Bar Says It All

In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect that non-https sites will be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate the security status of sites. This shift to plain sight markers will be most noticeable on Chrome, however it is expected that other browsers will follow suit. Future visitors to your site may then be alarmed by seeing that the connection isn’t secure.

The fact that you may not be asking them to log in, enter personal details or payment is irrelevant as perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on insecure sites. As the common understanding is that a warning is bad, you may get more visitors bouncing straight away or even contacting you to report that your site has a problem.

Boosts for Secure Sites

Google is also taking its commitment to safe web browsing further by favouring https websites. This means that Google’s search algorithm is taking your site security into account, preferring https results. Since https status get preference in search results, you may find yourself climbing in the ranking while other businesses drop. It really is a win-win situation for you to implement https..

How to proceed?

It is a little more complicated than just changing a setting within your web hosting environment. You have to order an install a SSL (Secure Sockets Layer) certificate and then install it within your hosting environment. The easiest way to do this is to contact your IT technician or web developer, as they will be able to make sure that it is all done correctly and thus will keep Google happy.

We can help secure your website by migrating it to https – contact us today at 08 83264 364 or support@dpcomputing.com.au.

Why you should have a SSL Certificate for your Website

Secure SSL URLWeb browsers are starting to come out which detect whether a website is secured by a SSL certificate or not. On websites which don’t have a SSL certificate, browsers will start to label them ‘Not Secure’. But what is a SSL certificate and how will it benefit my website?

SSL stands for Secure Sockets Layer. Basically, SSL establishes an encrypted link between your web server and your visitor’s web browser. This ensures that all data passed between the two remains private and secure. We turn to the internet for everything from information to buying and selling and much more. With this trend, security has become an important factor.

Google tries to protect its users and is always trying to make us feel secure whilst on the internet. Not only does having a SSL Certificate improve your Google rankings but any sites with logins and contact forms are now displayed as non secure on some leading browsers. With Google’s push on this it is now becoming industry standard to have these Certificates.

This means if your website has an SSL certificate, it will display ‘Secure’ otherwise it may display ‘Not Secure’ in the URL bar on some browsers.

SSL URL

Encrypting your site entails purchasing an SSL Certificate and then configuring your website to run the certificate. This can be done by your website designer or if you would like us to assist or have any questions regarding this give our partner Brad a call from Company Hub on 8387 5559, 0477 779 978 or visit their website at http://www.companyhub.com.au

How The ‘KRACK’ Wi-Fi Security Issue Affects Us All

WPA2 KrackedThe invention of Wi-Fi or wireless networking has been a dream come true. We can use our laptops and tablets anywhere in the office and our phones are using the main internet connection instead of sucking down data on the 3G / 4G network. It is essentially the backbone of the smart tech boom for home and business alike. Most Wi-Fi networks are password-protected with an encryption called “WPA2” and up until now this has been safe and secure.

Recently, a security flaw called KRACK (The Key Reinstallation AttaCK) was discovered. KRACK allows hackers to break into Wi-Fi networks – even the secured ones and your wireless networks are possibly vulnerable as a result.

How KRACK works?

KRACK doesn’t work via a problem with your device or how it was set up as it is an actual issue with the Wi-Fi technology itself. The attack gets between your device (eg computer, tablet or mobile phone) and the wireless access point (eg modem / router) to reset the encryption key so hackers can view all network traffic in plain text. Since just about everyone relies on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, confidential files, emails and more.

NOTE: The hacker needs to be in physical range of your Wi-Fi network to exploit this flaw and it doesn’t work remotely like other attacks we’ve seen recently. Given that most Wi-Fi networks extend well past your own home/business walls, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released them for Windows and Apple has one coming in a few weeks. So please take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update (eg Android phones), or if they’re older, may not get an update to fix the issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support. With smart phones consider using data on the 3G / 4G network instead of Wi-Fi.

Be very careful with public Wi-Fi: While your local business center, library or school campus should have expert IT professionals keeping guard over security, it is a very different matter at your local coffee shop. It is unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them an opportunity to grab your precious data.

Check your browser security: Before sending anything private over the internet, check that you are using a secure HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call on 08 8326 4364 or via email at support@dpcomputing.com.au.