In your URL bar, you may have noticed that sometimes it says “HTTP” and sometimes it says “HTTPS.” HTTP stands for “Hyper Text Transfer Protocol” and the S stands for “secure.” As in your connection the website your a viewing is now secure against outside intrusion. While it’s true that your IP and anyone else who can view your web traffic will know that visited a certain site, they won’t be able to tell what you did on that website. While this may seem like a negligible difference, it is quite important.
In several countries there are laws against viewing certain kinds of content, such as subversive speech aimed at destabalizing the government. With a normal HTTP connection any agency that wanted to see exactly what you were reading, when you read it and where you did so, could do so. They would be able top use that sort of information against you in a trial. or as supporting evidence to convince a judge to give them a warrant.
With an HTTPS connection however, that information is obscured. This because HTTPS connections use a Secure Socket Layer (SSL) Certificate to ensure that the connection between the server, website and the user are all encrypted. While this does mean a monitoring agency or group can see where you’re going to, it can no longer see what you were doing. When shopping online, or transferring any kind of sensitive data, an HTTPS connection is critical. A transaction over an insecure connection could mean that someone a thousand miles away now has your credit card information. Using am HTTP connection is like using the public, unsecured WiFi at the airport. Dangerous, and liable to get your identity stolen.
HTTPS is the first step in building a secure network, and should be used for any websites you own. While a secure connection won’t stop your data from getting hacked by other means, it will remove one of the easier ways of doing so. If you regularly login to your own website, or any commerce account make sure the connection is secure. You may notice that some HTTPS connections have a green coloration to them, which means the owner of the SSL paid some money to have their certificate verified as being secured.
Google has announced the websites without HTTPS connections will be ranked lower then ones that do, as part of an effort to make users more secure. There have been studies that show that up to 80% of customers will fail to complete a purchase from any website that doesn’t have a secure connection. While Google is pushing the switch over to HTTPS most small businesses are resistant to the change. Switching over to a secure connection can involve hiring a developer to manage your website and peripheral services before, during and after the transition. In businesses that don’t transmit any secure data, or do not have a high risk of a hacking attempt there is little reason to change. While these businesses are not negatively impacted by this lack of change, there is the possibility that Google will move towards penalizing those who don’t adopt the standard.
Max is a Legal Assistant and author residing in the Philadelphia area He has been writing for AskCyberSecurity.com since early 2017.