We believe in the importance of protecting our networks, data, and users from unauthorised access and use. Which is why, over the past couple of months, Qualifio has been testing additional safeguards and checks around the secure communication protocol HTTPS, with the intention of making HTTPS mandatory for all campaigns.
During the week of May 4th 2020, we will deploy a full HTTPS plan.
What is HTTPS?
Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a browser and a web server. The main difference is that HTTPS is encrypted in order to increase the security of data transfer.
Why is 'full HTTPS' important?
Full HTTPS is designed to make the whole connection encrypted and prevents hackers from reading and modifying the data during the transfer between the browser and the webserver. Even if malicious entities manage to intercept the communication, they will not be able to use it because the message is encrypted.
Thus, it’s the safest way of securing your campaigns, particularly when collecting personal data.
Best practices when using Qualifio
The HTTPS push is actually not new for Qualifio. It’s been a concern for years, and HTTPS was already enabled by default for all new websites since 2019. This requires an SSL security certificate, and a locked orange padlock indicates your website is HTTPS secured.
What happens if a website doesn’t have HTTPS?
Well, not the end of civilisation. It will actually work and be compatible with Qualifio. If you connect a non-HTTPS subdomain to your Qualifio account, it will redirect to HTTPS automatically without the participants noticing.
How does this impact me?
As of May 2020, Qualifio will ensure an even higher level of security by only supporting content that is HTTPS secured. In other words, we’re starting to force content to be HTTPS secured.
For most of you, this won’t change anything –if you already run on HTTPS. This change impacts customers who use HTTP content in their campaigns.
We strongly recommend you avoid using HTTP content such as scripts or images in all campaigns. If you do, that content won’t be supported anymore, which will result in an error. By May, you should verify you don’t have any content HTTP content.
More details on implementing SSL on your websites and campaigns:
As always, you can reach out to our Support Team at: https://qualifio.zendesk.com/hc/en-us/requests/new