Secure Your Website

From the Google Blog. Advice as to securely encrypting your online sites, beyond Https.    Its National Cyber Security Awareness Month.   Technical, but worth talking with the people that set you up.

Build security into your next website  By Ben Fried

VP, CIO & Chief Domains Enthusiast
Published Oct 1, 2019

If you wanted to send a secret message by mail, would you rather send it in an envelope, or on a postcard? If you send it on a postcard, anyone who saw the postcard on its way to the recipient could read the message, or even make changes to what’s written.

Encryption on a website functions like an envelope, protecting information passed between your website and its visitors so it can’t be snooped on or changed. It’s what keeps your visitors safe from bad actors who may try to alter your site’s content, misdirect traffic, spy on open Wi-Fi networks, and inject malware or tracking. You achieve encryption on a website by installing an SSL (Secure Sockets Layer) certificate. This certificate ensures that the data passed between a web server and a browser remains private. 

To kick off National Cyber Security Awareness Month, we’re highlighting something that many website owners don’t realize—a single page that isn’t encrypted could potentially be used to gain access to the rest of the website. To avoid this, you need encryption on your entire website, not just for pages that are collecting credit card numbers or log-in info. Even unencrypted landing pages that redirect to an HTTPS page can pose risks. A single unprotected page can become a backdoor for bad actors to snoop on the rest of the site. How do you ensure your entire website is encrypted? ... "