508-909-5961 [email protected]

Why HTTPS matters for websites and what you need to know about itWhen you visit a website, do you see a padlock icon on the browser's address bar? That’s one of the first signs that a website is safe to visit. That padlock is a security feature that authenticates websites and ensures that the data that users submit to that site is protected. Another sign that a […]

The post Why HTTPS matters for websites and what you need to know about it appeared first on Complete Technology Resources, Inc..

Why HTTPS matters for websites and what you need to know about it

When you visit a website, do you see a padlock icon on the browser's address bar? That’s one of the first signs that a website is safe to visit. That padlock is a security feature that authenticates websites and ensures that the data that users submit to that site is protected. Another sign that a site is secure is if its URL has an “S” after the “HTTP” prefix. Here’s what you need to know about that “S.”

HTTPS encryption

The “S” in HTTPS stands for “secured.” It was introduced in 1995, so older websites that have been left on their own without regular maintenance usually don’t have it. But even to this day, unsecure websites exist, and fraudsters can easily take advantage of them.

When you visit a site with an HTTP connection, everything you type or click on that website is sent without encryption. This means that anyone who intercepts the data transferred between the website and your computer can view them as is. Cybercriminals know this, and they can exploit this fact to gain access to your Social Security number, credit card information, and other personal data. This puts you at risk of identity theft and other fraudulent activities.

HTTPS certificates

When you visit a website, your computer uses an online directory to translate its alphanumeric name into a numerical address. It then saves that information on your computer so that it doesn’t have to check the online directory every time you visit the same website.

In case your computer gets compromised, it could be manipulated into directing a perfectly safe web address like www.google.com to a malicious website. Most of the time, users are sent to sites that look exactly like the legitimate site but are actually fake copies designed to trick them into divulging their credentials.

To prevent such incidents from happening, the online directories mentioned earlier issue an ecosystem of certificates that turn HTTP into HTTPS, making it impossible for anyone to be redirected to a fraudulent website.

How does this affect our daily browsing habits?

We often visit a multitude of websites in a short period of time without checking each one for padlocks and certificates. Unfortunately, we can’t ignore the importance of HTTPS, so here are a few things to consider the next time you browse the internet:

  • If your browser marks a website as “unsafe,” think twice about clicking “Proceed anyway.” Click the prompt only if you are absolutely certain no confidential data will be transmitted.
  • Add web browser extensions such as HTTPS Everywhere that create encrypted connections to unencrypted websites. These extensions encrypt your communication with websites and are compatible with Chrome, Firefox, and Edge browsers.
  • Always be vigilant. Some sites may have HTTPS, but it doesn’t mean they’re safe. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but the misspelling clearly indicates that it’s an untrustworthy site. Cybercriminals use similar spellings of authentic websites to fool people into thinking that they’re on a secure site. This is called typosquatting or URL hijacking.
  • And perhaps, just follow the easiest step of all: avoid sites that don’t use the HTTPS prefix.

If you want to learn more about safer browsing habits and endpoint security, give our office a call.

Published with permission from TechAdvisory.org. Source.

The post Why HTTPS matters for websites and what you need to know about it appeared first on Complete Technology Resources, Inc..

Read More

Better internet security: Easy as 1, 2, 3The internet is not such a bad place to be in — for as long as website owners do their share in keeping it safe for their visitors. Here are three tips to do exactly just that. Tip 1: Use HTTPS Short for Hypertext Transfer Protocol Secure, HTTPS indicates that a website has an extra […]

The post Better internet security: Easy as 1, 2, 3 appeared first on Complete Technology Resources, Inc..

Better internet security: Easy as 1, 2, 3

The internet is not such a bad place to be in — for as long as website owners do their share in keeping it safe for their visitors. Here are three tips to do exactly just that.

Tip 1: Use HTTPS

Short for Hypertext Transfer Protocol Secure, HTTPS indicates that a website has an extra layer of security for its users. This layer encrypts data exchanged between a user’s browser and the web server that delivers the data requested by the user. To use a simpler comparison, imagine someone tapping your landline, but instead of getting to listen in on your conversations, they’ll hear people speaking in tongues instead.

In August 2014, Google Chrome, the world’s most popular browser, announced that having HTTPS makes your website rank higher in its search algorithm. And since October 2017, the browser began flagging non-HTTPS websites as not secure whenever users try to fill out something as simple as a contact form on it. In July 2018, Chrome started showing a “not secure” warning on any website that does not implement HTTPS, whether or not users are filling out a form there.

Because of Google’s measures, the security protocol has been widely adopted. Even if your website does not contain or ask for sensitive information, implementing HTTPS engenders trust and a sense of security among internet users, while remaining on HTTP will make web visitors abandon or avoid you sooner or later.

Tip 2: Embrace multifactor authentication (MFA)

Since account credentials can be easily stolen via phishing attacks, username and password combos are no longer enough to keep bad actors at bay. To ensure that the one accessing an account is truly that account’s owner, additional identity authentication steps must be implemented.

These steps can involve the use of the account holder’s device — the one logging in must first verify their phone number, receive a one-time password on their smartphone, then enter that code in the access portal before the code’s validity lapses. Alternatively, MFA may ask for a face, retina, voice, or fingerprint scan for authentication.

MFA can be a bit of a hassle for your internal and external users, but a little inconvenience is a small price to pay for immensely effective cybersecurity.

Tip 3: Update browsers and devices

Did you know that dated versions of browsers, operating systems, and even other software packages can create an easy entry point for hackers? Often, new updates are created specifically to fix security holes. However, people tend to procrastinate and leave applying updates for another day. Hackers take advantage of this by searching for outdated devices to infiltrate while their victims watch YouTube on last year’s version of Firefox.

Yes, installing an update might take 15 minutes of your time, but this time investment can pay dividends in terms of preventing a security breach that could cost you or your business thousands.

Looking for more tips to boost your internet security? Get in touch to find out how we can help.

Published with permission from TechAdvisory.org. Source.

The post Better internet security: Easy as 1, 2, 3 appeared first on Complete Technology Resources, Inc..

Read More