Google to show "Not Secure" Message with websites that don't have HTTPS

Important Announcement – Google to Begin Showing “Not Secure” Message in Websites that Don’t Have SSL

Google has announced that with the release of Chrome v68 in July, 2018, Chrome will begin showing a “Not Secure” message in the address bars of websites that do not have SSL certificates and which accept any type of user input (such as information added through a contact form).  Thus we are strongly suggesting that all law firms install an SSL certificate in order to avoid this message.

The Current Display, and What Will Happen after the New Release of Chrome

Currently, Google Chrome, Firefox, and other browsers now show an “i” icon in the address bars for websites that do not have SSL security.  With the change in Chrome next month, the address bars of sites without SSL security in Chrome will look like this:

After the installation of the SSL certificate, the address bar will look like this:

We are recommending two solutions for SSL certificates.  The certificates in both of these solutions are functionality equivalent, and both will result in the same green lock, the “Secure” text, and “https”.

Cloudflare SSL Certificate

Cloudflare offers an SSL certificate, additional security enhancements that can help in the case of a brute force attack on a website, and functionality that may help in increasing website speed.  To use Cloudflare, we need to move the DNS records for a firm’s domain to Cloudflare (which is easy to do).  This is the solution that we normally recommend.

Installing another 3rd Party Provider SSL Security Certificate

There are a variety of SSL certificates that are available from other third parties.  The certificates that we recommend typically range in price to free or low cost (perhaps $10/year), to those that are much more expensive (sometimes $100 or more per year).

All of the SSL certificates offer the same basic encryption, as well as the green “lock” icon in the address bar.  The primary difference for the more expensive certificates is that they usually will offer more insurance in the event that the certificate itself proves not to be secure.  The risk of this occurring is low, and the insurance provided is typically more of a concern to e-commerce companies that accept credit card information. (Note – law firms that accept credit card payments through third party providers, such as Law Pay, will almost always use the payment gateway of the credit card provider, even though it appears to clients that they are paying through the firm’s website).

What Solution Will Be Best for Your Firm?

Please call us at 520-395-6525 to discuss your law firm’s SSL needs, and we will be happy to explain the options available.  Typically, it takes approximately 2-3 hours to install the certificates.