Incident Response, Network Security, TDR, Vulnerability Management

Google rolls out HSTS encryption to safeguard web browsing

Google has enhanced encryption on its google.com domain with the rollout of HTTP Strict Transport Security (HSTS).

The technology strengthens web security by blocking users from inadvertently being steered toward URLs with the legacy HTTP and instead transferring those clicks to more secure URLs using HTTPS.

The web security policy mechanism helps protect against eavesdroppers, man-in-the-middle attacks and hijackers trying to spoof a trusted website, according to TechRepublic. The most popular browsers – Chrome, Safari, and Internet Explorer – all support HSTS.

"HSTS prevents people from accidentally navigating to HTTP URLs by automatically converting insecure HTTP URLs into secure HTTPS URLs," Jay Brown, a senior technical program manager for security at Google, said in a blog post.

While the technology has been in place for Gmail since March 2014, the company plans to implement it across all its products in the coming months, Brown said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.