Digital Government

RIP, HTTP

Shutterstock image (Dencg) : digital government concept.

In a June 8 memo, the Office of Management and Budget finalized an HTTPS-only standard for federal websites, ditching the insecure HTTP of the past.

The unencrypted HTTP protocol -- which most federal sites currently use – “does not protect data from interception or alteration, which can subject users to eavesdropping, tracking, and the modification of received data,” the OMB memo notes. “An HTTPS-only mandate will provide the public with a consistent, private browsing experience and position the Federal Government as a leader in Internet security.”

"As we've said before, every .gov website, no matter how small, should give its visitors a secure, private connection," the General Services Administration's 18F spokespersons blogged about the announcement. "We're thrilled to see HTTPS become the new baseline for federal web services."

For guidance on the HTTPS migration, agencies can look to https://https.cio.gov/ -- agencies must bring all sites and services into the HTTPS fold by Dec. 31, 2016.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected