Build security into your next website — blog.google

If you wanted to send a secret message by mail, would you rather send it in an envelope, or on a postcard? If you send it on a postcard, anyone who saw the postcard on its way to the recipient could read the message, or even make changes to what’s written.Encryption on a website functions like an envelope, protecting information passed between your website and its visitors so it can’t be snooped on or changed. It’s what keeps your visitors safe from bad actors who may try to alter your site’s content, misdirect traffic, spy on open Wi-Fi networks, and inject malware or tracking. You achieve encryption on a website by installing an SSL (Secure Sockets Layer) certificate. This certificate ensures that the data passed between a web server and a browser remains private. To kick off National Cyber Security Awareness Month, we’re highlighting something that many website owners don’t realize—a single page that isn’t encrypted could potentially be used to gain access to the rest of the website. To avoid this, you need encryption on your entire website, not just for pages that are collecting credit card numbers or log-in info. Even unencrypted landing pages that redirect to an HTTPS page can pose risks. A single unprotected page can become a backdoor for bad actors to snoop on the rest of the site. How do you ensure your entire website is encrypted?

Read More