Google’s push to make the web more secure by flagging sites using insecure HTTP connections appears to be working, but not for Canadian law firm websites. In a recent survey by HostedinCanada.com, a leading Canadian web hosting provider, they revealed over 90% of law firm websites in 3 major Canadian markets Calgary, Toronto and Vancouver are still NOT using https for their websites.
This is something that Google has been heavily pushing by flagging and pressuring sites that hadn’t yet adopted HTTPS.
As you may recall, Google announced just over a year ago it would begin flagging all websites using insecure HTTP connections to transmit private information like passwords or credit information as “not secure” in the Chrome browser. It later expanded those protections to include when users entered any type of data on an HTTP page, including in Chrome’s Incognito mode. MORE Importantly it expanded those protections AGAIN to include when users entered any type of data on an HTTP page, including in Chrome’s Incognito mode. And as of Oct 2017 76%+ of the world uses the Chrome browser.
Dean Wolf, President at Hosted In Canada, says: “You can find more details on our website for FREE, and how to fix it this. We also offer a solution, that works really well for lawyers and law firms, as there just too busy to deal with it. We offer a solution and a special PROCESS for lawyers and there IT teams, and if they don’t have an IT team, we can manage the process for them.
Google is pushing back against websites with URLs that begin with “http” – no “s” – because they don’t encrypt information between the user and the website. Communication can be insecure and the user’s interactions with the website can be “hacked”, yes hacked..
The internet would be a safer place if all website traffic was encrypted and Google is pressuring companies into encrypting their websites with the HTTPS protocol by warning website visitors about un-encrypted sites. Beginning in October 2017, Google’s Chrome browser will display the message “Not Secure” in RED when users interact with an un-encrypted webpage:
In September 2016, Google began letting companies know that increased warnings about websites using the HTTP protocol were coming very soon. Nevertheless, Pure Oxygen estimated that 40% of the top 100 internet retailers were still using the HTTP protocol in mid-August 2017.
Dean Wolf, President at Hosted In Canada, says “Our survey of law firm websites clearly shows they are way behind.” It seems that many firms don’t think their customer’s security is important enough to abandon the outmoded HTTP protocol and switch to HTTPS. Dean says, “we reach out to about 10 or so law firms a week to warn them, but time is running out.”
The “Not Secure” warnings are part of Chrome 62 (the current version is 62.0.3202.62) which has a planned October 2017 roll out. Not everyone will have the latest, but over the next few months a majority of Chrome browser users will. With Chome owning the browser market, it will only be a short time before all browsers adopt the same warnings. If you see the warning and you want to help send all website owners feedback saying you’re unhappy with their unsecure website. A little consumer unhappiness and participation can go a long way toward changing that typical response of “yeah, yeah, we’ll get to it later” to “let’s switch to HTTPS NOW!”