SSL Certificates – Google’s Latest Security Update & GDPR

By the end of October 2017 if your website features any kind of text input Google will begin displaying a ‘not secure’ warning to users if you don’t have a valid SSL certificate. In recent months Google has been introducing a new initiative to help users browse the web safely, and this is included in the latest roll out.

The upcoming update that will be applied to the Google Chrome web browser includes a requirement for an SSL certificate on any page that contains a contact form, quick quote form or any kind of text input. Without it, users of the Chrome and Firefox browser will be warned that the page is not secure.

Once applied your web address will begin with “https://” rather than the standard “http://” – and will mean you avoid visitors to your website seeing the following:

 Website Not Secure

What’s an SSL Certificate?

SSL stands for Secure Sockets Layer and once introduced will create an encrypted link between any website and its hosting server. This ensures that any data that passes between them is secure.

Previously webmasters were only required to introduce an SSL certificate for websites that gathered sensitive information such as payment details and passwords. However, Google are about to introduce a new level of web security which effects any website that contains any kind of text input – such as your contact and enquiry forms.

Without introducing an SSL certificate, the worry is websites will take a serious hit in the level of customer enquiries they receive, and a reduced level of trust in web security, which will result in potential customers avoiding your website. Interest users are becoming savvy to the little padlock symbol which shows a website is secure, a valid SSL certificate will automatically make this visible.

In May 2018 The Law Is Changing

From 25th May 2018, General Data Protection Regulations (GDPR) come into force. The new regulations are complex but include clear rulings on the transfer and storage of any personal data.

By this date all online transfers of personal data must be encrypted by law, not just to comply with a Google safe guarding initiative. This includes contact form submissions, email subscriptions and even data passed from Google Analytics.

These new data protection laws are a big deal which you will hear about a lot – if you process any kind of personal data online you will not be able to ignore it.

So What Do You Need To Do?

In simple terms you should ask yourself the following questions:

Question 1: Does your website have any kind of text input – including contact forms, search boxes or logins?
Question 2: Check your full website address in your browser, does it start http://?

If you’ve answered yes to both these questions, you need to act now to avoid being caught by this update.

An SSL certificate can be purchased from your website hosting provider, costs can vary but it will usually be charged at an annual fee. With this in mind, your first task is to contact your website hosts who will be able to provide the correct guidance.

If you need any help or have any further questions please don’t hesitate to contact us.

Did you find this article interesting? Why not share it with your friends and colleagues?