Digital Government

RIP, HTTP

Shutterstock image (Dencg) : digital government concept.

In a June 8 memo, the Office of Management and Budget finalized an HTTPS-only standard for federal websites, ditching the insecure HTTP of the past.

The unencrypted HTTP protocol -- which most federal sites currently use – “does not protect data from interception or alteration, which can subject users to eavesdropping, tracking, and the modification of received data,” the OMB memo notes. “An HTTPS-only mandate will provide the public with a consistent, private browsing experience and position the Federal Government as a leader in Internet security.”

"As we've said before, every .gov website, no matter how small, should give its visitors a secure, private connection," the General Services Administration's 18F spokespersons blogged about the announcement. "We're thrilled to see HTTPS become the new baseline for federal web services."

For guidance on the HTTPS migration, agencies can look to https://https.cio.gov/ -- agencies must bring all sites and services into the HTTPS fold by Dec. 31, 2016.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.