Over the past few years, web browsers have been nudging millions of site owners toward a more secure internet. You’ve likely become trained to look for the small green “Secure” badge next to a site’s URL (especially before entering any sensitive information). The badge signifies when a website is utilizing an encryption safety measure also known as an SSL certificate or HTTPS.
Now all that will be changing. Again.
Instead of displaying the green “Secure” badge, web browsers will instead identify the websites that don’t take secure measures with SSL certificates.
Essentially, web browsers are making it incredibly easy for everyday internet users to identify an unsecure website. This is why Google Chrome’s July 2018 update hits so hard at non-HTTPS sites.
If your site doesn’t have an SSL certificate, site visitors will see a “Not Secure” warning (pictured below) in their browser.
This and other changes are all part of a larger shift towards ensuring a more secure web. In fact, Google Chrome will soon drop the green “secure” badge altogether. In the future, the only time you will see extra markings is when you’re browsing a website that is unsecure.
So the new reality is that site owners will need to conform to new standards. As internet users begin assuming sites are secure, they will definitely notice a very large sign practically warning them to stay away. If you fail to adopt the new standards, you’ll be faced with a somewhat embarrassing situation that damages your website’s credibility.
Frankly, SSL requirements shouldn’t come as a surprise. Over the last several years, major internet browsers like Google Chrome have hinted ( not so subtly) at their intention to force developers’ hand: Move your site to HTTPS or face the consequences.
And while a secure web is generally good news for the world, some unsuspecting and slow-moving organizations may be left scrambling to update their websites as they become clearly marked “Not Secure.”
The good news: eCatholic knew this was coming. That’s why all eCatholic-powered websites come equipped with free SSL (an update first announced in 2016). We’ve taken the steps to guarantee that you don’t have to worry about the technical headache of setting up SSL or facing additional fees for the technology.
So, if you’re an eCatholic customer: Great! Don’t worry because we got this taken care of already. Your site automatically has an SSL certificate with no extra work on your part. :)
If you’re not yet set up with eCatholic, don’t panic. When your current website platform doesn’t provide free SSL:
If you’re not a tech guru, it’s easy to think: “What’s the big deal, anyway?” Here is the simplest way to explain it...
SSL stands for Secure Sockets Layer, which is a security protocol that secures data transferred between two machines using encryption. The easiest way to identify a site with SSL is to look at the site's URL: If you see HTTPS ("S" meaning "secure"), the site has SSL. If you see HTTP, it does not.
Technical note: SSL is actually a predecessor to what is now known as TLS, or Transport Layer Security. This article refers to SSL and TLS interchangeably as the TLS protocol is commonly called SSL.
So when a website has an SSL certificate and HTTPS is present in the URL, it means the site and web browser are communicating in their own encrypted language. Thus, an intruder cannot easily exploit or tamper with the information being exchanged on the site.
And with all the coming changes, web browsers are just making it so that more internet traffic is occurring on secure sites. It's a way to protect everyone, a win-win!
Even though a site has SSL and is communicating via encryption, that doesn’t mean the site itself is safe for you to use. Anyone, even scammers, can get an SSL certificate. Make sure you know what sites you are visiting, and what links you are clicking on. So don’t assume that extra “s” for secure also means safe, or smart, or super-okay. Just be careful.
Now is a great time to check any external links you've added to your website (i.e., links that send people off of your website and onto a different site). Whenever you add an external link, make sure you are sending your site visitors to a URL with HTTPS. If an external site doesn’t seem to have an SSL certificate, you may want to inquire if they are planning on making the necessary changes to obtain one. That way it doesn’t appear that you are sending visitors to unsecure sites.
(Similarly, whenever you're embedding content on your site from another source, make sure the embed code you use includes HTTPS in the URL.)
Some examples of external links parishes and schools may use include:
More good news: eCatholic customers already have the benefit of using these types of services built right into their websites. To ensure the security of your site and content, it's best to have bulletins and newsletters published directly to your site. Likewise, it's a great idea to collect information and registrations via integrated online forms directly on your site, and allow online giving through secure donation and payment tools found on your site's pages. When sharing other Catholic content or evangelization media, verify it's coming from a secure, credible source. In addition to the security benefits of these strategies, it's always best for you if your visitors stay on your website. :)
So don’t be left feeling insecure over all the talk about website security. With all the changes happening now (and it the future) we will do our part to continue to stay ahead and keep you informed.
We've got you covered. Try a free 30-day trial of our tools. eCatholic is incredibly powerful, yet remarkably simple to use.