Google security changes mean you may need an SSL certificate
Changes to how Google Chrome treats standard HTTP websites mean that sites which collect any form of data – even simple contact forms or site search – will need a security certificate or risk being labelled as “not secure”.
Currently, where a site runs without an SSL security certificate, Google flags pages that collect client information using a “i” before the URL in the browser URL field.
SSL certificates have traditionally been used for sites that collect sensitive personal and financial data, to ensure that any data is encrypted and secure. Many websites that collect non-sensitive information have operated without SSL certificates, and simply had the pages that include forms etc subtly marked by Google Chrome.
However, all that is about to change as Google ramps up its security requirements. From July, sites that currently have any pages marked as not secure will have a stronger warning posted in the URL field across the whole site (see image below)
Google is likely to take this further in future. Alongside this change, any site that has an SSL certificate from cybersecurity software company Symantec will not only be labelled as insecure but any links in Google will take the user straight to a warning page, rather than the site itself.
It is suspected that Google will eventually treat all “non secure” sites in this way.
Certification applies not only to websites but also applications such as webmail and online CMS systems.
We are recommending that all clients who have any form of data capture on their site should now purchase an SSL certificate.
You can check if you have a certificate in a couple of ways:
Call your site up in Google Chrome and check whether there is a “i” in place before your URL. If there is, you will need to get an SSL certificate.
If you already have a certificate you should see a padlock symbol instead.
Get in touch with us on 0117 3250091 or email us if you think you may need to get an SSL certificate installed on your site.