Welcome to episode 64 of This Week Online Today, where I will be talking to you about the big online news that has been happening this week today to make sure that you are ahead of the game when it comes to running your online brand successfully.
And if you have already subscribed to the newsletter, you will also receive an exclusive bonus tip of the week to help you further about this topic.
If you haven’t, don’t miss out and make sure you subscribe to the newsletter to stay ahead of your competition.
In this episode of This Week Online Today, I talk about the following:
- the news about Google Chrome marking site not encrypted with HTTPS as ‘Not Secure’
- their reasons behind doing it
- how you can get free SSL certificate to enable HTTPS on your site
- the benefits of getting your site HTTPS
- the online Twitter debate about whether you need to do it (but you do)
- HTTPS does not guarantee security. You still have other tasks to consider to keep yourself safe online
- Google’s announcement about Chrome marking non-encrypted site as not secure
- Let’s Encrypt, the free SSL certificate to enable HTTPS
- National Cyber Security Centre’s advice on making your site HTTPS
- NordVPN – my choice of VPN to protect you online
Welcome to This Week Online Today Podcast, with your host Ahmed Khalifa. What I will be talking about is the biggest online news that have happened this week and why you should be aware of it. And don’t forget, if you subscribe to the newsletter, you’ll also receive a bonus tip of the week of what you should do about it and you’ll find that link in the share note. In the meantime, let’s get straight onto the show.
What’s up everyone? I am Ahmed Khalifa and this is episode 64 of This Week Online Today with the important news that’s been happened is that security is important to me and is important to everyone is that Google Chrome is going to mark all sites which are not encrypted with HTTPS as “not secure”. I hope you got that. This is what it is.
If you have a site that’s not secured, you’re going to be marked as “not secure” and it’s going to be even more obvious than before. Even though the people got the hint of it from different browsers, it’s going to be a bit more prominent. So it’s a big deal because Google been talking about doing it for couple of years now, I guess a bit of a long project, but you know, there seems to be more of a push from different angles to make sites HTTPS.
It’s happening! All HTTP pages will be marked “not secure” as of Chrome 68 🔐 https://t.co/eD2RsuYudM
— Google Webmasters (@googlewmc) July 24, 2018
And in Google’s statement, I’ll put the statement of the blog in the show note along with everything else, they said this is to “make it easier to know whether your personal information is safe as it travels across the web.”
So, it has taken them a long time to get these set, so they did it step-by-step. They did it by starting off by marking pages without encryption that collects these login and payment details as “not secure”. For example, you could be on a home page which is secure, but then you go to contact form and then it’s not secure at all that page, contact page. That’s what they did before, but now it’s gonna be different. It’s gonna be like almost site-wide really.
So, contact form, payment form, any kind of login information as well, you know if they’re not secure, then you’re not secure. It’s as simple as that.
Over time Google will kind of remove sites which are secure the notification in the browser, so you might have seen this, you know, you see this green button that says “secure” which is nice, but apparently Chrome is going to just only mention sites that are not secure, so if you are secure that wording will be removed in September. September 2018. And in October 2018 the not secure in that browser at the top, that will be marked as red as well. So, it’s almost like a double notification kind of thing as well.
So, again, this is to protect your users. But also it’s to kind of motivate the site owners to improve the security of a site, which you should do. If you have a site, security is essential. It doesn’t matter who you are. It’s really, really important. Now in the past, you have to pay for the SSL certificate, this is what makes your site HTTPS. It used to cost a lot of money. It used to cost hundreds of pounds and then it got down below a hundred pound, and you know, it’s kind of hovered around that area.
There are so many options now where you can get the HTTPS on your site for free. The most popular name that allows you to do that is called Let’s Encrypt. Google is a sponsor as well as other big, big names like Mozilla and Facebook and Shopify, and Cisco and Automatic, the WordPress owner. They all sponsor Let’s Encrypt and they all take it seriously about marking your site secure.
So, if you haven’t done it, you don’t have to pay for it. You should first of all check with your hosting company and see whether they can do it for you. Most decent ones anyway should offer it for free. So, check with them as well because if you have to pay a lot of money, it’s just not worth it. This is like another level. If you really, really want to have that kind of like cyber security style sort of thing. No. HTTPS what you need for your site, the free version is enough. It really is enough.
It’s great that Chrome is pushing it more. To be fair though it’s not just Chrome I mean the other browsers like Safari and Mozilla for the past few years they’ve been gradually pushing it out there their own way with their own methods. So, I’m pretty sure they’re gonna do something similar. You know, if it doesn’t happen, then it’s probably gonna happen one day in the future I think as well.
So, they’re pushing it as well and even the government, you know, the U.K. government. They’ve been pushing it as well. The NCSC, which is the National Cyber Security Centre, they say that:
“all websites should use HTTPS even if they don’t include private content, sign in pages, or credit card details”.
So, basically make it everywhere even if you don’t have any of the money sites, just do it because there are so many benefits from doing that, and I’ll come to that in a second.
What I have seen as well is that there are people on Twitter and you know what Twitter is like, people start to kind of go crazy about it. There are people out there who say that you know what, you don’t need HTTPS, and obviously it starts sort of a debate and a rant, but you know, that’s Twitter for you. And you know, there are people there who …I mean, I don’t know what their credentials. Some of them say they know what they’re talking about. They are like from a security industry and stuff like that. Others are developers and they have their own reasons why you shouldn’t have HTTPS, but you do it anyway.
I mean there’s so many benefits behind it. Not only you do need it, but the fact that you can protect your users data, you know, sensitive data like credit card information for example, that’s benefit number one. There is a ranking factor. I think most people know that, you know, if you do HTTPS it’s a ranking factor on Google, that’s another one. It gives assurance to your customers. Makes them trust you. So, that’s another one, number three.
And the brand trust, number four. Isn’t that a good thing? Don’t you want them to trust your site, if they come to your site? So, even if you don’t want it, you’re going to be marked unsecure, so that’s not gonna look good in the eyes of your audience. And then of course, ultimately, you want to avoid being labelled as not secure.
So, even if your site is like static and doesn’t have anything. If you don’t have contact form or payment form, all that kind of stuff, it’s still work protecting. Anytime anyone asks you should you do it, yes all the way. But, don’t forget as well that even though I’m talking about HTTPS and saying that’s really, really important, you’re still responsible for other things. There’s no guarantee that if you do that, that’s it you are 100% secure. You don’t need to do anything else. That’s not the case.
You still need to make sure you are doing all you can to protect yourself and those who are accessing the website, because there are things for example, taking care of your passwords. Simple, simple thing that is such a big deal that people kind of take it for granted really how important it is to use a password manager, use it effectively and use strong, unique password long form on every single website. Don’t use the same one in more than one. Ever. That’s a simple thing, but people still don’t do it. You still have people using the word “password” as password, which is not really that clever by the way. It’s not really a good idea at all. Don’t ever do that!
So, that’s one thing you can do about securing yourself. And of course, simple thing like make sure you’re not gonna click on a dodgy link in your email. These spammers are getting clever, and I’ve seen cases where the pages or the email they sent looks genuine. You know, from all these big companies. I don’t know PayPal or Amazon. It looks genuine, but you just have to check for just a few seconds. Make sure it’s a genuine email.
Look at where it’s coming from or look at the, you know, all these details inside of it. Even just hover the cursor, the mouse cursor, over the link and see what link appears on the advertising, because you need to be careful. If you click on that, that’s, you’re done. That’s their way in. You can close your browser and shut it down, but that’s it. They’ve got you. So, be very, very careful with that as well.
Even if for some reason you have clicked on it, but then ask you to log in, again, make sure that page is genuine. Check the domain. Check if it’s secure as well. Check every little thing, because again, I have seen examples where two pages, a genuine and a fake one, looks so, so similar. You have to be really, really careful with that as well.
— Jason (@_JasonMurray) February 1, 2017
Even another thing as well what people do is they use public wifi with just kind of blasé about it. You act like, it’s fine, it’s okay, public wifi, everyone does it anyway, let me just log in and do all that kind of stuff. Again, you need to be careful with that, especially if you’re gonna use some kind of sensitive information like online banking and you’re using public wifi. Don’t do that. Just don’t do that at all.
For general browsing it’s okay. I’m not gonna say it’s amazing, but you know, you need to kind of protect yourself from that. So you use your password and it’s unique, great. If you use what’s called a VPN, virtual private network, that’s kind of recommended if you’re using public wifi to kind of protect yourself. And I’ll link again to that in the show note for a recommendation on VPN.
Then of course, a simple something that people do all the time is they leave their computer on. They are logged in and then they just leave it. Just leave it alone. They walk away from it, and think you know, I’ll be okay. I’ll be fine. But you know what? It’s not all that fine, is it? It can get into the wrong hands quite easy. So, these are things like that could make a big different.
So, yes, HTTPS, it’s important, but don’t forget about all the other stuff. Do all that at the same time. I mean, you wouldn’t leave your front door open to your house. Why would you leave your website open to everyone.
If anything, you probably have a lot more sensitive information on your computer, on your online accounts which are easily accessible by anyone, than your front door. And then your front door, you know, you’re not just gonna leave it open. Same idea. Protect yourself online. Just make sure you do that. Really, really important.
So, I guess to round up. Back to Google Chrome. Make sure you update it. If you go to your Chrome browser, just go to the Setting and go to About Chrome. If it’s not updated to Version 68, then you need to update it. It’s gonna be Version 68 is one you’re gonna see only secure. And it’s gonna help you as well if you use Chrome as your main browser. That’s gonna help you as well.
So, in the meantime just be sure you protect yourself and others around you online and offline.
And I thank you for listening. I hope you find that useful and I’ll see you next time. Take care.
Thank you for listening to this episode of This Week Online Today. I really do appreciate it and I hope you find it useful. If you have enjoyed the show, please do leave a review on iTunes. It would mean the world to me. I really would appreciate that.
Thank you again. You rock and one more thing, I just want to remind you to do your thing, because it matters.
And I’ll see you next week.
Latest posts by Ahmed Khalifa (see all)
- ‘Atomic Habit’ – Book Review on How to Create Good Habits & Remove Bad Habits - 5th October 2019
- Why is My WordPress Site So Slow & How Can I Fix it? - 1st October 2019
- How to Critique Your Own WordPress Website Effectively Without Being Biased - 27th August 2019