In the last few years, HTTPS encryption has played an increasingly vital role across the Internet, impacting everything from your website’s SEO to user trust and confidence. Given the role security and trust plays in Google’s search business, it’s no surprise they take the security of the web seriously. Last week, Google made a shocking announcement when it announced it would no longer recognize more than 30,000 security certificates issued by Symantec and its owned companies.
Effective immediately, Google Chrome will stop showing sites with certain Symantec-issued certificates as secure. The move comes after more than a year of rebukes from Google toward Symantec issuers, and Google will continue to nullify sites with Symantec security certificates during the coming months.
We built a tool to check if your site’s security certificate will be recognized by Google – and other browsers – in the future. Check it out here:
While a relatively small amount of websites will be affected by Google’s announcement, many enterprise-level sites rely on Symantec’s extended validation certificates. As a user, you should remain aware of potentially compromised sites, and businesses must ensure their sites remain secure.
For its part, Symantec claims only 127 faulty certificates were issued, and those resulted in no consumer harm. Regardless of the number of insecure certificates, Google’s latest move shows it remains willing to take decisive action to protect its users through verified security. If Mozilla and Microsoft follow suit in refusing to recognize Symantec-issued certificates, it could spell big trouble for a company whose foundation is online security.
Want to know more? Drop us a line.