Welcome!

News Feed Item

Millions of websites using HTTP may be labeled "Not Secure" with July Google Chrome update

DigiCert supports Google action to improve user security and offers free tools to help admins

LEHI, Utah, July 3, 2018 /PRNewswire/ -- DigiCert, Inc., the leading global provider of SSL/TLS certificates and other PKI solutions for securing web traffic and the Internet of Things (IoT), is providing industry guidance that millions of websites are not encrypted by default and may receive security warnings for visitors using Google Chrome browsers once Chrome 68 stable updates go live on July 23.

DigiCert is a leading provider of scalable security solutions for a connected world. The most innovative companies, including the Global 2000, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. Learn more at digicert.com or follow@digicert.(PRNewsFoto/DigiCert)

With the release of the Google Chrome 68 browser, any web page not running HTTPS with a valid TLS certificate will show a "Not Secure" warning in the Chrome address bar. This warning will apply to internet-facing websites and potentially millions of corporate/private intranet sites accessed through Chrome, which has about 60 percent market share, according to publicly available data.

Chrome released HTTPS conversion tools and data earlier this year that indicated that up to 78 percent of Chrome traffic is encrypted. Internal DigiCert research found that 43 percent of the Alexa 1 million sites used HTTPS by default, while a W3Techs June 2018 survey reported that HTTPS is the default protocol for 35 percent of the top 10 million websites. This leads to the conclusion that many smaller and less-trafficked sites may still rely on HTTP.

"The Chrome 68 update will hopefully spur the millions of sites still using HTTP to adopt HTTPS. The data shows that while the web has made tremendous strides toward greater user security, there are still many sites that need to catch up to avoid the 'Not Secure' warnings," says DigiCert Chief Product Officer Jeremy Rowley. "We urge IT administrators to check the sites they look after and deploy the appropriate TLS certificates."

"The advent of encryption everywhere is a positive development for user security," explains Rowley, "We support Google's action to promote HTTPS use by default and want to make sure website administrators are aware of the coming changes and have resources to make the necessary changes to their web server operations."

"In some instances, administrators may believe they don't need certificates on all pages, but incorrect configuration and deployment will still lead to warnings within Chrome," Rowley adds.

Avoiding warnings is important. According to a 2018 "Internal Website Security Seal Study" by Ipsos Group S.A, 87 percent of internet users will not complete a transaction if they see a browser warning on a web page. While 58 percent of respondents go to a competitor's website to complete their purchase.

"There are a number of options that website administrators can use to quickly enable HTTPS on their website, ahead of the deadline," says Rowley. "Besides encryption and authentication of website traffic, digital certificates can boost SEO rankings, reduce bounce rates, and help minimize abandoned shopping carts."

For concerned website administrators and security teams, DigiCert offers free tools, the Certificate Utility for Windows and DigiCert SSL Tools designed for administrators that use TLS certificates for websites and servers or code signing certificates for trusted software. The freely downloadable tools feature automatic CSR creation and TLS certificate installation along with root certificates, intermediate certificates and private key management.

DigiCert has also launched a free guide on certificate management to help administrators stay up-to-date on best practices and reduce the chances of a certificate being neglected or mismanaged.

"Although Google Chrome is the first browser to deploy such a visible warning system on non-HTTPS websites, this direction will likely be followed by others such as Microsoft, Apple and Mozilla," says Rowley. "HTTP 2.0 requires TLS encryption in major browsers. As the major browsers migrate to the newer technology, websites will find certificate deployment becoming increasingly important."

For more information, visit https://www.digicert.com/avoid-browser-warnings/.

About DigiCert, Inc.
DigiCert is a leading provider of scalable security solutions for a connected world. The most innovative companies, including the Global 2000, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports SSL/TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management platform, CertCentral®. The company has been recognized with dozens of awards for its enterprise-grade management platform, fast and knowledgeable customer support, and market-leading growth. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

 

Cision View original content with multimedia:http://www.prnewswire.com/news-releases/millions-of-websites-using-http-may-be-labeled-not-secure-with-july-google-chrome-update-300675751.html

SOURCE DigiCert, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Serverless applications increase developer productivity and time to market, by freeing engineers from spending time on infrastructure provisioning, configuration and management. Serverless also simplifies Operations and reduces cost - as the Kubernetes container infrastructure required to run these applications is automatically spun up and scaled precisely with the workload, to optimally handle all runtime requests. Recent advances in open source technology now allow organizations to run Serv...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It's clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Th...
The benefits of automated cloud deployments for speed, reliability and security are undeniable. The cornerstone of this approach, immutable deployment, promotes the idea of continuously rolling safe, stable images instead of trying to keep up with managing a fixed pool of virtual or physical machines. In this talk, we'll explore the immutable infrastructure pattern and how to use continuous deployment and continuous integration (CI/CD) process to build and manage server images for any platform....
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. This...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Public clouds dominate IT conversations but the next phase of cloud evolutions are "multi" hybrid cloud environments. The winners in the cloud services industry will be those organizations that understand how to leverage these technologies as complete service solutions for specific customer verticals. In turn, both business and IT actors throughout the enterprise will need to increase their engagement with multi-cloud deployments today while planning a technology strategy that will constitute a ...
GCP Marketplace is based on a multi-cloud and hybrid-first philosophy, focused on giving Google Cloud partners and enterprise customers flexibility without lock-in. It also helps customers innovate by easily adopting new technologies from ISV partners, such as commercial Kubernetes applications, and allows companies to oversee the full lifecycle of a solution, from discovery through management.
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...