Here’s something that not a lot of people know.
There’s a goal in mind for the web and that is to enable every website address to begin with https:// instead of http:// so that the data that passes between site and sender/visitor is encrypted. Google are big supporters of it amongst others.
Here’s something that not a lot of people know either.
This is the how the various web browsers that people use globally compare and yes, back there in the distance is Internet Explore & Edge with Chrome beating way out in front.
Why are these ‘pub trivia’ facts important?
Well, at the end of January this year, Google’s latest version of Chrome (v56) (the dead popular one) will ultimately start telling visitors to your school website whether it’s secure or not.
What are the benefits of going secure?
- When you’re logging in to your school website to update it with new content, an encrypted secure connection (Secure Socket Layer Certificate) comes into it’s own. SSL means that when you enter your username and password to update the site for example, the login information travels securely to it’s destination making access to your website even more secure.
- Noone wants Ofsted raising their eyebrows when they visit your site – life is hard enough complying with DfE information requirements – and every little helps. (there is no requirement for SSL from DfE or Ofsted as of 17/1/17)
- Your parent & carer community will see ‘SECURE’ being directly associated with the school which has to be good.
- In 2011 Google announced that they were making changes to help secure sites do better in searches and to date this has remained the same.
What can your school do about it?
Your web site host will have a very easy and quick method of applying a security certificate to your website thus making it secure for visitors and site managers. It’s pretty rare that the school tech support would touch this job so unless they’re the person who built and hosted your website we suggest leaving them well alone. This Google site has a technical guide for how to implement an SSL so if your tech is the person they may want this link. Schools who have a Blippit Site are already compliant with SSL in place.
Our suggestion would be to get the ball rolling tomorrow with a quick email to your provider saying:
We’d like you to apply an SSL certificate to our school website please. We’d like to do this for 12 months initially and need this in place by February or March at the latest. Can you let us know what we need to do on our part to do this e.g. forward an email from the certificate issuing authority to you when it comes?
<School Who Knows What They’re Talking About>”
What happens if we don’t get a security certificate applied to the school website?
You can carry on as you are and everything will stay the same. The main issue is that the world’s most widely used web browser will start telling visitors that your site is not secure and in this day and age that’s probably not what you want.
Good luck & support a more secure web!
LetsEncrypt runs the certificate authority that issues free SSL certificates so cost is no longer a barrier to using HTTPS and both Google and Mozilla to actively promote and recommend the use of HTTPS as standard.