Digital Government

RIP, HTTP

  • By Zach Noble
  • Jun 08, 2015
Shutterstock image (Dencg) : digital government concept.

In a June 8 memo, the Office of Management and Budget finalized an HTTPS-only standard for federal websites, ditching the insecure HTTP of the past.

The unencrypted HTTP protocol -- which most federal sites currently use – “does not protect data from interception or alteration, which can subject users to eavesdropping, tracking, and the modification of received data,” the OMB memo notes. “An HTTPS-only mandate will provide the public with a consistent, private browsing experience and position the Federal Government as a leader in Internet security.”

"As we've said before, every .gov website, no matter how small, should give its visitors a secure, private connection," the General Services Administration's 18F spokespersons blogged about the announcement. "We're thrilled to see HTTPS become the new baseline for federal web services."

For guidance on the HTTPS migration, agencies can look to https://https.cio.gov/ -- agencies must bring all sites and services into the HTTPS fold by Dec. 31, 2016.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • Workforce
    coronavirus molecule (creativeneko/Shutterstock.com)

    OMB urges 'maximum telework flexibilities' for DC-area feds

    A Sunday evening memo ahead of a potentially chaotic commute urges agency heads to pivot to telework as much as possible.

  • Acquisition
    Shutterstock ID: 1993681 By Jurgen Ziewe

    Spinning up telework presents procurement challenges

    As concerns over the coronavirus outbreak drives more agencies towards expanding employee telework, federal acquisition contracts can help ease some of the pain.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.