Home / News / Tony Scott: HTTPS to Become Standard on All Public Federal Websites, Services

Tony Scott: HTTPS to Become Standard on All Public Federal Websites, Services

Tony Scott
Tony Scott

Federal CIO Tony Scott has issued guidance for agencies to transition all public-facing federal websites and Web services to Hypertext Transfer Protocol Secure by Dec. 31, 2016, in efforts to ensure a secure connection.

In a memo sent Monday to the heads of executive departments and agencies, Scott said government websites will use the HTTPS protocol in efforts to foster data privacy and security.

He noted that while many agencies already use HTTPS for online services, the guidance builds on previous material from the Office of Management and Budget to increase adoption of the protocol across government.

Scott directed agencies to conduct a risk-based analysis to manage the transition of existing public websites and Web services, while all new websites and services must be available through HTTPS upon launch.

Agencies should also consider factors such as the impact on site performance, support for Server Name Indication, website content, Web clients, flexibility for updates, support for Domain Name System Security and implementation of HTTP Strict Transport Security, he added.

The guidance notes that the use of the unencrypted HTTP protocol makes the agency Web domain vulnerable to threat activities such as tracking, eavesdropping and manipulation of data.

Scott said HTTPS works to check the identity of a website and encrypt most information exchanged between the website and the user.

He also indicated that the adoption of HTTPS is cost-effective in that the benefits outweigh the administrative, development and financial cost of implementation.

Check Also

Navy Seeking to Establish Analytics Unit Addressing Fleet Readiness

Adm. Christopher Grady, head of the U.S. Fleet Forces Command, said during the WEST 2019 conference he intends to create a Fleet Analytics Office supporting the U.S. Navy fleet readiness efforts, USNI reported Tuesday. Grady noted that the new office will use real-time reporting systems to handle data collection and risk assessment operations under the Revolutionize Readiness Campaign Plan initiative.

Leave a Reply

Your email address will not be published. Required fields are marked *