Build security into your next website

Ben Fried, VP and CIO, emphasizes the importance of website encryption as a critical measure to protect information exchanged between a site and its users. Encryption, likened to sending a message in an envelope rather than a postcard, prevents unauthorized access and alterations by bad actors who may intercept data on open networks or inject malware. The installation of an SSL certificate is essential for ensuring data privacy across a website, and it's crucial that encryption extends beyond pages handling sensitive information like credit card details to the entire site, as even a single unencrypted page can serve as a vulnerability. To enhance security, using top-level domains such as .app, .dev, or .page, which are HSTS preloaded, ensures that browsers load these sites over encrypted connections. The process of adding a site to the HSTS preload list individually is possible but can be slow due to its integration with browser updates. With a significant portion of the U.S. population planning to create websites, partnerships with registrar partners offer discounts on secure domains and free SSL certificates, alongside educational resources to support secure site creation during National Cyber Security Awareness Month.