Tag: encryption

Chrome to mark HTTP as ‘not secure’

Google Chrome currently marks HTTPS-encrypted sites with a green lock icon and “Secure” sign. And starting in July, Chrome will mark all HTTP sites as “not secure.” Google hopes this move will nudge users away from the unencrypted web. Read on to learn more about the forthcoming changes.

For several years, Google has moved toward a more secure web by strongly advocating that sites adopt the Secure HyperText Transfer Protocol (HTTPS) encryption. And last year, Google began marking some HyperText Transfer Protocol (HTTP) pages as “not secure” to help users comprehend risks of unencrypted websites. Beginning in July 2018 with the release of a Chrome update, Google’s browser will mark all HTTP sites as “not secure.”

Chrome’s move was mostly brought on by increased HTTPS adoption. Eighty-one of the top 100 sites on the web default to HTTPS, and the majority of Chrome traffic is already encrypted.

Here’s how the transition to security has progressed, so far:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

HTTPS: The benefits and difference

What’s the difference between HTTP and HTTPS? With HTTP, information you type into a website is transmitted to the site’s owner with almost zero protection along the journey. Essentially, HTTP can establish basic web connections, but not much else.

When security is a must, HTTPS sends and receives encrypted internet data. This means that it uses a mathematical algorithm to make data unreadable to unauthorized parties.

#1 HTTPS protects a site’s integrity

HTTPS encryption protects the channel between your browser and the website you’re visiting, ensuring no one can tamper with the traffic or spy on what you’re doing.

Without encryption, someone with access to your router or internet service provider (ISP) could intercept (or hack) information sent to websites or inject malware into otherwise legitimate pages.

#2 HTTPS protects the privacy of your users

HTTPS prevents intruders from eavesdropping on communications between websites and their visitors. One common misconception about HTTPS is that only websites that handle sensitive communications need it. In reality, every unprotected HTTP request can reveal information about the behaviors and identities of users.

#3 HTTPS is the future of the web

HTTPS has become much easier to implement thanks to services that automate the conversion process, such as Let’s Encrypt and Google’s Lighthouse program. These tools make it easier for website owners to adopt HTTPS.

Chrome’s new notifications will help users understand that HTTP sites are less secure, and move the web toward a secure HTTPS web by default. HTTPS is easier to adopt than ever before, and it unlocks both performance improvements and powerful new features that aren’t possible with HTTP.

How can small-business owners implement and take advantage of this new interface? Call today for a quick chat with one of our experts to get started.

Published with permission from TechAdvisory.org. Source.

Protect your Mac from security threats

Mac users follow certain steps to maintain privacy and protect company data. But if you’re too busy or short on resources, you might place security lower on your to-do list. Whatever your reason, the threat is real and you need to take steps to protect yourself.

Check your Privacy Settings

Begin by making sure that your Mac settings are set up properly to keep your information safe. Click System Preferences (the gear icon along the bottom of your screen), then open the Security & Privacy pane, which contains four tabs that allow you to manage different security features. You should do this with an administrator account so the changes affect everyone who uses this computer.

Take Advantage of the Firewall

One of the biggest steps you can take to protect your computer is to enable macOS’s built-in firewall to block unwelcome network connections. Just go to the Firewall tab in the Security & Privacy settings, click on the padlock at the bottom of the screen, and key in your username and password. Then enable firewall by clicking on Turn On Firewall.

To modify its settings, click on Firewall Options just below the Turn Off Firewall button. A dialog box will pop up and you can click on Enable Stealth Mode. Turning on Stealth Mode will make your Mac invisible on public networks (like an unsecured coffeeshop WiFi).

In the Firewall Options, you will also find a list of services and apps that are allowed to receive inbound connections. If you want to add an app or service to the list, just click the ‘+’ button below the list itself. However, we recommend keeping this list as short as possible because any app connected to the list can be exploited.

Set Up a Firmware Password

Nowadays, macOS/Mac OS X automatically turns on FileVault encryption. This means that it encrypts the hard drive by default, and the only way it can be accessed is by logging in. Keep in mind, though, that this feature won’t necessarily save your account in case someone reinstalls macOS/OS X, or when they use a USB memory stick to boot the Mac and possibly remove all data from your hard disk.

To increase protection, set up a firmware password. To do so, restart your computer, and then press and hold down Cmd+R before the Apple logo shows up on screen. You can let go of the keys once the progress bar pops up.

Choose your location and language when asked, then click on the Utilities>Firmware Password Utility menu. Simply follow the instructions here, and make sure to never forget or misplace your password. Forgetting your firmware password can be quite a hassle because only Apple technicians can recover it.

Ensure that your confidential data remains confidential simply by performing minor tweaks on the system settings. It takes only a few minutes of your time to ensure lasting online protection. If setting up a firewall or firmware password sounds a little too advanced for you, don’t hesitate to get in touch with our experts.

Published with permission from TechAdvisory.org. Source.