HTTPS Everywhere is about more secure surfing across the web. How do your clients feel about TLS/SSL for a simple site? Unconvinced? Listen to big G to help you with talking points: Google I/O 2014 – HTTPS Everywhere – YouTube
Some takeaways
- More than just encryption, we need SSL for authentication and data integrity
- One insecure connection may not amount to much, but many can tell someone a lot about you
- Makes sure that you are communicating with the right server, not a malicious look-alike
- Attackers can’t: listen in, impersonate a site, or tamper with data
- Certificates are relatively inexpensive and there are even free services coming online
- Proper TLS configuration can equal fewer handshakes, fewer sockets, fewer buffers and faster page load times with less server load
- Make sure that you do your due diligence when converting from HTTP to HTTPS
No Comments