Why your Association’s Website should be using HTTPS for Security and Privacy

Lynne Newbury - Online Marketing Manager

Does your association or Not-For-Profit organisation website currently offer encrypted HTTPS connections to members and web visitors? Are you using HTTPS by default for administration logins? These are important questions to ask yourself and if your answer is no or you are unsure you may be putting both your site and users at risk.

Privacy no Longer  

Only recently people tend to think that nobody was listening or engaged with their online communications. Digital traffic that they generated may not have been secure or at least of little interest to anyone else.

We now know that this is certainly not the case as we increasingly lead our lives online, and this may mean exposing our personal information such as professional and financial details, interests and where communications take place. The information that is exposed through day to day activities performed on the web where we might not want anyone else to know or have access too.

Bearing in mind we know both governments and criminals actively seek to acquire such information and they can often do far more damage with it than we realise. Website hacking is on the rise as with the exposure of user’s personal and financial information.

Securing Website Connections

Web giants such as Facebook, Google, LinkedIn, Twitter, Yahoo and Dropbox have recognised this problem and have started securing all connections within their sites, along with connections between their internal servers. The problem exists with the smaller sites which lag to adapt encryption among mobile apps and sites.

Online communications can no longer be assumed to be obscure, so to maintain privacy they must be secure.

The Danger of Unencrypted Websites

Many dangers and risks exist if your website lacks encryption in regards to privacy and security. The main problems arise with your login and password details which you use to enter a site or member portal. These login credentials are easy to intercept if they are not encrypted with HTTPS. You may think your password will only be shown in circles when they appear in your web browser, but your actual password is transmitted clearly across the internet, among any other information you share about yourself. Criminals can then access that information.

Encryption and Verification used on all Member Evolution Websites

httpsPlease see example image to the left: this is what you need to look for, https:// goes infront of the www. and your site name, notice the padlock image again highlighing it is a secure site.

The Member Evolution association membership websites are all built using HTTPs meaning that everything on membership websites is encrypted. Secure Socket Layer (SSL) certificates, a protocol developed by Netscape for transmitting private documents via the internet, are obtained for all clients. SSL employs a cryptographic system that uses two keys to encrypt data. The first is a public key known to everyone and the second is a private or secret key known only to the recipient of the message. This protocol is used to obtain and verify confidential user information such as credit card details.

Security is constantly being upgraded across all systems to maintain privacy and security. If your website lacks HTTPs or you are unsure, it would be a good idea to find out to ensure your members' details are secure and safe, especially if you are taking payments online.

Learn more about how our member management software solutions integrates with Xero Accounting.