How to Update Your Website to Meet Chrome’s New Security Standards

Google will release Chrome 70, the latest version of the Internet’s most widely used browser, on October 15. It will have stricter requirements for website security.

Google has announced that the new version of Chrome will no longer trust SSL certificates issued by Symantec “due to a pattern of questionable certificate issuance practices.”

If your site is not secure (using https://) or if it uses a security service not considered safe by Google (Symatec is the largest such vendor now considered unsecure), Chrome may no longer display your site or it may mark it as unsecure to site visitors.

This means your site could become inaccessible or unusable to visitors who access your site via Chrome (the most popular browser, used by about more than two-thirds of internet users worldwide).

To determine if your site is not secure, do the following:

  • Go to the website in Chrome
  • Click on the lock next to the URL

  • Check to see if the connection is secure

  • Click on “Certificate” to see who provides the security and look for the name “Symantec Corporation”

If your site is not secure, contact your hosting company immediately and request that they host your site securely (using https://).

If your site currently uses Symantec, ask your hosting company to change the Symantec certificate as soon as possible. DigiCert and Let’s Encrypt both offer free replacement certificates for anyone affected by this change to Chrome.

For help with digital strategy and best practices, contact Chris Ferris, Vice President Of Digital Strategy at Pierpont.