Making the Switch to HTTPS

Has your organization made the switch to HTTPS?

What is HTTP/HTTPS?

HyperText Transfer Protocol (HTTP) is how computers request websites to display.

When you type “http://www.blinktag.com” into your browser, your browser asks a server to lookup and send it everything on the associated page. When you click on a link, you’re sending another request. Information goes back and forth, and this is how we’ve typically browsed the internet.

HTTPS is a more secure version of this, because it encrypts requests and data as they move back and forth. Instead of a simple two-way exchange, HTTPS introduces a third player: a Certificate Authority. The Certificate Authority gives your browser and server each a special key. That allows the browser and server to encrypt information before sending it, so that it can only be decrypted and viewed by its intended recipient.

An overview of how HTTPS introduces encryption.
This image is a simplification. For more, see this post from the Electronic Frontier Foundation.

Why does it matter?

HTTPS has three key advantages over HTTP:

  • Security. HTTPS makes it harder for people to interfere with your connection. It’s much easier to eavesdrop on an unencrypted HTTP exchange, or even inject their own malicious content. At a minimum any page involving personal information, like credit cards or passwords, should absolutely use HTTPS, but many argue that there’s no such thing as public browsing information.
  • Speed. HTTPS is newer, so it uses more modern protocols that allow it to greatly speed up website loading.
  • Search. Google’s search algorithms prefer HTTPS-encrypted websites, so encrypting a website will allow it to show up higher in Google search results.

The UK requires all its government agency websites to use HTTPS. 18F, the US Federal Government’s de facto tech innovation office, is encouraging the USA to do the same.

How to make the switch?

Fortunately, switching a website to HTTPS is surprisingly straightforward. For most sites, it only requires buying and installing a Secure Sockets Layer (SSL) certificate. This can a couple hours with your hosting service. SSL certificates used to be pretty expensive, but the Electronic Frontier Foundation and others created a free Certificate Authority called Let’s Encrypt, so the SSL certificate itself could be free.

Ready? If BlinkTag already hosts your website, tell us you’d like to switch to HTTPS. If not, get in touch and let’s start making your website more secure, quicker to load, and more discoverable.

Leave a Reply

Your email address will not be published. Required fields are marked *