Another development in the on going saga of insecure websites; as of January 1st 2017, if your website asks for credit card details or transmits passwords and does not use a HTTPS connection, you will be flagged as 'insecure' to your customers by Google Chrome. 

What does this mean for HTTP Websites?

Hopefully this will highlight the need for security considerations, building on SAQ requirements and encouraging more eCommerce websites to become secure. Giving customers an easy way of detecting the company's security standpoint may shift the view of companies considering becoming secure to needing to be secure, in order to maintain a good reputation.

As HTTPS alone does not provide certainty of security, further needs to be done by large organisations such as Google to prompt businesses to take action. Cyber Security shouldn't just be an 'ideal', or something that seems unobtainable by smaller companies. 

I'm a very small online retailer - what can I do?

Other than being HTTPS certified, it's also important to factor in a comprehensive security solution. Luckily, this doesn't need to cost an extortionate amount. 

Read more about The Security Risk for Small and Startup Companies and 11 Steps to Improve Your Online Security