I got an awesome sandwich for lunch today. I also got this email from Symantec:
Create Better Website Security. Go Beyond Encryption.
With an upcoming release of the Chrome browser, Google is providing you with a business-critical reason to secure your website and online applications.
In January 2017, Google will begin flagging non-secure sites that accept passwords or payments with a security alert in the browser—informing people that their data is not protected. Other browsers are expected to follow.
Ultimately, all unencrypted websites will include a ‘Not Secure’ alert in the browser that will:
• Erode user satisfaction and trust
• Reduce search engine ranking value
• Undermine website performance and ROI
Sometimes it pays to get outside my fluffy devops bubble and see what others think about security. For business types, their concern is the impact security warnings will have on users trusting the reputability of their site. Check out the three points at the end, none directly mention privacy or security at all.
It’s easy to dismiss such stuff, as I felt I was going to when starting to write this, but it’s one way to get people to care. If they don’t have a vested stake in it (perceived or otherwise), it’s hard to call them to action.
Now that I think about it, that could apply to many endeavours.