Using the HTTPS protocol and offering a secure and protected connection is of fundamental importance for every website, first of all to protect the data of users who navigate the site but also to improve the online visibility of the website.
Google , in fact, has openly declared that it rewards sites that have an SSL certificate and a secure HTTPS connection and Google Chrome , the most used browser for surfing online, reports websites without the HTTPS protocol as not secure.
Sanctions for websites without HTTPS. The case of Servizio Idrico Integrato Scpa
In addition to the lack of security guarantees given to website visitors and the problems related to indexing on australia phone number list Google, the absence of an HTTPS connection can also lead to administrative sanctions for the violation of some principles established by the GDPR , the General Data Protection Regulation.
This is what happened recently to the Integrated Water Service Scpa . The company received a fine of 15,000 euros from the Privacy Guarantor for not using the HTTPS protocol.
Following a user's report, the Privacy Guarantor found that the company had not protected a reserved area of its website with HTTPS . To access this area, the username and password were required using the HTTP protocol, which does not allow encryption of the data entered.
Servizio Idrico Integrato Scpa defended itself by specifying that there are no payment data within the reserved area in question and that there are no data violations.