Heads up Marketers: Effective July 24, Google Chrome to mark HTTP websites “Not Secure”

by Jacky Hood on July 23, 2018 , No comments

Browser with 61% market share leads the way; Firefox will follow

Google is modifying the Chrome browser to mark the the tab of all HTTP sites Not Secure. This change has been scheduled for Chrome Release 68 due out today: July 24, 2018.

For example, a Chrome tab for the United Nations site appears on Chrome Version 67 as follows:

UN Caption1

Until the U.N. secures the site, the tab will appear as follows on Chrome Version 68:

UN Caption2

Will customers and prospective customers react negatively to B2B websites marked Not Secure? Each marketing organization will need to assess the risks against the effort and cost to change the website.

“Not secure” only refers to information shared by the user with the site such as passwords and financial information. There is no risk in simply viewing a site. However, many viewers may not understand that distinction. They may quickly close any site marked ‘Not Secure’ as they may assume this change is a warning to access such sites at their own risk.

How important is an action taken by one Browser organization? The answer for Chrome is ‘very important’. Current browser market shares are as shown in this chart (1):

BrowserShare

Following Google Chrome, the Mozilla Foundation has announced that Firefox will also soon show Not Secure for HTTP sites. (2)

Disadvantages of HTTPS include costs and effort, slow performance, no caching, and no virtual hosting. (3)

What does it cost a B2B company to change make its site “Secure” and show HTTPS rather than HTTP? There are two situations:
The company site is provided by a hosting company.
The company hosts its own website.

Hosting companies will secure the site and sell or give its users Secure Socket Level (SSL) certificates. The costs for secure sites and for certificates vary among hosting companies. Some (e.g., WordPress.com) make all hosted sites secure. Here are some prices for SSL certificates for other popular hosting companies:

  • GoDaddy: $59.99/year during a current sale; $79.99 when it comes time to renew
  • Network Solutions $59.99/year, minimum 2 years
  • Host Gator $39.99/year

Most B2B marketing companies host their own sites. This means they must encrypt their sites and purchase a certificate. While the certificate will be inexpensive (around $15/year), the work required can be substantial. The required activities depend on the web server architecture in use. Apache, IIS, and Nginx are examples of web servers.

Each marketing organization should consider the benefits and costs before changing from HTTP to HTTPS. If the company provides financial or user transactions, securing the site is a must. RightWave assists its customers in addressing such business- and technology-driven decisions and activities. For more information, contact RightWave.

References:

  1. NetApplications: “Browser Market Share” May 2018, https://netmarketshare.com/browser-market-share.aspx
  2. Bleeping Computer: “Firefox prepares to Mark All HTTP Sites “Not Secure” After HTTPS Adoption Rises” https://www.bleepingcomputer.com/news/software/firefox-prepares-to-mark-all-http-sites-not-secure-after-https-adoption-rises/
  3. RyteWiki: “HTTPS” https://en.ryte.com/wiki/HTTPS
Share this post: